🎙️
23
c/cybersecurity-tipshugomurrayhugomurray7d ago

Two of my client accounts got hit with ransomware 3 months apart. Here's what changed between them.

First account was a small law firm in Portland. They lost everything because they had no offline backups. All their files got encrypted and they paid the ransom but still didn't get half their data back. Second account was a plumbing company I do electrical work for on the side. Same kind of attack but they had a simple external hard drive backup they disconnected every night. The owner's kid set it up after watching a YouTube video. They were back up and running within 4 hours. Total cost for the drive was 80 bucks. The law firm spent over 15 grand on recovery and still lost client files. Makes me wonder how many small businesses out there still think cloud syncing counts as a real backup. Any of you running into this kind of situation with clients or your own setup?
2 comments

Log in to join the discussion

Log In
2 Comments
abbyg60
abbyg607d ago
Did you see that survey from a security company last year where like 60% of small businesses still thought backing up to cloud storage was the same as having a real backup? That's the difference right there. The syncing stuff just gives you a copy of the encryption if it hits. Your plumbing company story is the one I keep telling people, a cheap hard drive and a 10 year old kid can save your whole business.
2
morgan_bailey93
morgan_bailey937d ago
Syncing stuff just gives you a copy of the encryption if it hits" - that's exactly it. I've seen people lose everything because they thought Dropbox was their backup. It's not. If a ransomware hits your computer and that folder is synced, your cloud files get encrypted too within seconds. I tell my clients to do the 3-2-1 rule. Three copies of your data, two different types of media, one copy offsite. An external hard drive that you disconnect after backing up is your best defense. Keep it in a drawer or take it home with you. Automate the backup so you don't forget, but physically unplug that drive after. A disconnected hard drive can't be hit by ransomware no matter what happens to your main system.
6