Businesses are getting attacked with ransomware far more frequently than anyone is talking about. Half of businesses hit with ransomware never report it, according to The Ponemon Institute. There’s also the problem of undetected attacks.
The IT pros who are winning the battle against ransomware are doing so by using a backup solution and thinking about ransomware before it strikes. Backup is the number-one reason businesses are able to avoid paying a ransom to retrieve their data. But backup can also help you identify suspicious activity that can go undetected. Here's a quick look at three ways to sharpen your ransomware defenses:
1. Look for sudden changes in the size of your backups
If your backup size changes dramatically over 24 hours, it could be a sign that a ransomware virus has changed the contents of your files. You might also see files added to the backup that were not put there by you.
2. Beware of too many access attempts
An excessive number of access attempts by a device on the network could be a sign of suspicious activity. Repeated attempts that return error messages should be investigated immediately. Anomaly detection software can automate the task for environments where manual methods are not practical.
3. Keep daily and monthly backups
By running daily backups and checking backup sizes regularly, you stand a better chance of full recovery after an attack. Most organizations that experience ransomware find out within 30 days of the infection. If you discover suspicious activity or an infected file and are utilizing the right solution, you should be able to recover from the point in time immediately prior to the infection, ideally the prior day’s backup. If there’s an infected file that’s older than 30 days, you can recover a clean version from a prior monthly backup.
This article originally appeared on Carbonite.