Servers: The Right Compute
cancel
Showing results for 
Search instead for 
Did you mean: 

How to Battle Ransomware Before and After an Attack

TimPeters

Don’t wait. Know the steps your company can take that can have a huge impact on how quickly and effectively your company can recover from a ransomware attack.

ransomeware_data protection_blog.jpgRansomware attacks—a digital extortion racket that prevents access to data until you pay a ransom, usually via Bitcoin—are becoming more frequent.

The Petya cyberattack last month involved servers from Ukraine to the United States, reportedly affecting many companies including Rosneft, the Russian energy giant; Merck, a pharmaceutical company; and Maersk, a shipping company.

The old adage of having a solid firewall in place cannot protect your company from ransomware. In fact, the increasing sophistication of phishing techniques means that an attack is almost inevitable. But, there are steps you can take that will have a huge impact on how quickly and effectively your company can recover.

HPE’s silicon root of trust is perhaps the most comprehensive server security available for IT organizations. I believe HPE’s implementation of silicon root of trust is the gold standard in protecting IT server infrastructure from these attacks that are increasingly difficult to detect.

Featured article in forbes.com

Before you are attacked: The best insurance policy against a ransomware attack is to have a comprehensive plan in place for backing up your mission-critical data. You need a data protection solution that performs regular backups across devices, desktops, and cloud apps covering all of your users. Getting your employees back to work as quickly as possible requires backup of user-specific data sets such as profiles, system and app settings, and folders.

Validating and modify backup frequencies based on the criticality of your data is very important. Testing your restore process on a regular basis is recommended as well as reviewing your backup policies every six months to ensure they continue to meet needs.

HPE Pointnext services offers workshops and assessments that can help you identify and mitigate your risk by putting the right security and privacy controls in place, from user access through data protection for backup and continuity requirements.

After an attack: Don’t pay the ransom. There are no guarantees when dealing with criminals and the email address used by the attackers is often quickly disabled. The sooner you disconnect the infected devices, the better your chances of containing the breach as many types of ransomware spread through the network. Continue to monitor systems to identify if new files are getting encrypted or disappearing and try to find out from your users where and how the attack originated.  

Initiate your restore process from backup to a new device. Once a device has been infected, there is no way to guarantee that the ransomware is completely gone unless you wipe that device clean and start with a new image. Reimaging every computer that has been infected gives your organization the confidence that ransomware has been remediated and won’t resurface later. Many forms of ransomware can have a secondary payload that remains on a device after the attack.

For customers using HPE Gen10 servers with iLO silicon, we have made the recovery process easier and more comprehensive. The recovery process is initiated through iLO Advanced Premium Security Edition license with known good server firmware and the operating system (available late 2017). During recovery, we check the HPE server from the ground-up making sure the restored components are free from any malware or virus. Only HPE has this ability because we created an immutable fingerprint anchored in our iLO5 silicon chip. 

0 Kudos
About the Author

TimPeters

VP/GM for HPE ProLiant Rack and Tower Servers and SMB Solutions. Previously VP/GM for HPE Server Software and Enterprise Solutions. Prior to HPE, Tim founded and partnered in technology management to provide strategic and operational expertise to both established and emerging companies. Seventeen years at Dell with scope of responsibility broad and inclusive for managing the company’s single largest P/L of the core product portfolio. Established successful start-up businesses in new product segments. Worked in Asia to consolidate and scale global development and operations while engaging new business partners to create a forward-thinking organization responsible for the long-term horizon in business investments, technology planning and solution development.

Events
June 18 - 20
Las Vegas, NV
HPE Discover 2019 Las Vegas
Learn about all things Discover 2019 in  Las Vegas, Nevada, June 18-20, 2019
Read more
Read for dates
HPE at 2019 Technology Events
Learn about the technology events where Hewlett Packard Enterprise will have a presence in 2019.
Read more
View all