2017 - Offsite Backups are a key way to thwart recent Ransomware viruses

While travelling home from the excellent TM2 conference (thank you all that attended), I saw an article in USA Today indicating bad guys had unleashed a ransomware virus for windows based on some leaked NSA tools. It hit places in Europe first and then some in North America.

In the vein of better be safe than sorry, we always suggest that venues make an offsite backup of their database on a daily basis. It is better if this backup is:

• on a different network than the main database and/or
• on an external drive that is physically disconnected from the server after the backup is done and/or
• sent to an FTP site or machine external to the server and/or
• sent to some cloud backup

The important concept is that if you do get hit by ransomware or malicious software, then you have a backup that is ‘airgapped’ on another machine that is not connected to this machine. It is also why recommend that the database sever never be on a domain - making it harder for a virus to propagate from a download.

Today, we are suggesting that everybody make a backup onto another device, especially if you have windows servers — and make it standard practice going forward. Copying todays backup to a USB key today and removing it is probably a good first step.

 

If you want to read about the virus.

• http://money.cnn.com/2017/05/12/technology/ransomware-attack-nsa-microsoft/
• http://www.npr.org/sections/thetwo-way/2017/05/12/528119808/large-cyber-...
• https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-r...
• http://www.zerohedge.com/news/2017-05-12/massive-ransomware-attack-goes-...

There is some good news — apparently the makers of the virus software put a kill switch in it — and a particularly astute individual diagnosed this and helped mitigate the attack.

https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds...

 

Those who are:

1. using linux or OSX database servers are not affected.
2. running their servers on our Cloud are not affected.
3. using our cloud backup storage for offsite backups - have an offsite backup from last night at minimum

Regardless, making a backup just in case and copying to another machine is wise.

We apologize in advance if this might sound urgent (it is) .. and, like any cold prevention - better to stop it before you catch it. if you have any questions or need assistance, please let us know on the support email.