In 2023, the UK logistics firm, Knights of Old, was hit by a ransomware attack. The attack did more than take down their operational systems. It also destroyed their backups. With nothing left to restore from, the 158 year old company shut down permanently, and 700 employees lost their jobs.

A few years earlier, in December 2019, The Heritage Company in the United States suffered a ransomware attack that encrypted both its systems and its backups. Even after paying the ransom, some systems never came back online. The company laid off more than 300 employees and struggled for months before closing entirely.

And then there is the Colonial Pipeline cyber attack of 2021, one of the most well-known modern ransomware attacks. Colonial had backups, but the restoration process was too slow to resume operations quickly. The company paid a ransom of over $4 million in an attempt to speed recovery, yet still faced significant downtime and fuel supply disruption. 

These cases show an uncomfortable truth. Having data backups is not enough. If ransomware can reach your backups, your ransomware recovery plan could fail just when you need it most. Learning how to protect from ransomware also means ensuring that your backups can be restored fast enough to meet your business continuity needs.

Your first line of defense is prevention, including phishing awareness training. You can learn more in our recent article, “Can your team spot an email phishing attack?”. But when prevention fails, the next line of defense is a secure, isolated offsite backup that ransomware can’t touch.

What a Ransomware Attack Could Do to Your Business

Ransomware is malicious software that encrypts your files and demands payment for the decryption key. Once it gains access to your network, it can spread quickly, encrypting servers, workstations, and connected backup systems, typically locking you out from accessing any of them. When backups are also compromised, businesses face:

• Weeks or months of downtime during recovery
• Lost revenue and missed opportunities
• Permanent loss of important files
• Closure, as in the cases of Knights of Old and Heritage Company

Learn How to Protect from Ransomware with Offsite Backups

An offsite data backup is stored separately from your primary network, often in the cloud or in a secure physical location. Because it is physically or logically isolated, ransomware cannot encrypt or delete it during an attack.

If Knights of Old or The Heritage Company had clean, isolated offsite backups, their stories might have ended differently. If Colonial Pipeline had a more efficient restoration plan, it could have avoided days of costly disruption. Offsite backups allow you to:

• Recover data after ransomware without paying the ransom
• Restore operations faster and reduce downtime
• Avoid the devastating loss of both data and business continuity

How to Make Your Backup Ransomware-Ready

At minimum, every organization should keep its critical data stored in an offsite backup. For businesses that prioritize business continuity, a full offsite copy of their on-premises or cloud servers can make it possible to be up and running again within hours after an incident.

This level of preparation ensures recoverability not only from ransomware attacks, but also from fires, hardware theft, and even damage caused by natural disasters.

To protect your business, your backup strategy for ransomware should include:

1. Automated data backup so nothing is missed
2. Regular restore testing to confirm backups actually work
3. Encrypted offsite backup for secure storage in transit and at rest
4. Multiple backup versions so you ican roll back to a clean point in time
   

The Bottom Line to Protect from Ransomware Attacks

Ransomware is not just an IT problem. It is a business survival problem. Data backups only matter if they are protected, tested, and ready to restore when you need them. Ask yourself this: if an attack happened tomorrow and your primary systems were gone, how quickly could you get back to work? And more importantly, are you certain your backups would be there to save you?

If the answer is not a confident yes, now is the time to fix it. Build an offsite backup plan, test it often, and make sure it is isolated from your day-to-day systems. Or, send us a quick message to get started building your recovery plan. With the right preparation, a ransomware attack becomes a challenge you can recover from instead of a disaster you can’t survive.