Expert Comments: Ransomware Victims Thought Their Backups Were Safe. They Were Wrong

By   ISBuzz Team
Writer , Information Security Buzz | Feb 28, 2020 03:40 am PST

The UK‘s cybersecurity agency has updated its guidance on what to do after a ransomware attack, following a series of incidents where organisations were hit with ransomware, but also had their backups encrypted because they had left them connected to their networks.

Keeping a backup copy of vital data is a good way of reducing the damage of a ransomware attack: it allows companies to get systems up and running again without having to pay off the crooks. But that backup data isn’t much good if it’s also infected with ransomware — and thus encrypted and unusable — because it was still connected to the network when the attack took place.

The UK‘s National Cyber Security Centre (NCSC) said it has now updated its guidance by emphasising offline backups as a defence against ransomware.