In 2023, the UK logistics firm Knights of Old was hit by a ransomware attack. The attack did more than take down their operational systems. It also destroyed their backups. With nothing left to restore from, the 158 year old company shut down permanently, and 700 employees lost their jobs.

A few years earlier, in December 2019, The Heritage Company in the United States suffered a ransomware attack that encrypted both its systems and its backups. Even after paying the ransom, some systems never came back online. The company laid off more than 300 employees and struggled for months before closing entirely.

And then there is the Colonial Pipeline cyber attack of 2021, one of the most well known modern ransomware attacks. Colonial had backups, but the restoration process was too slow to resume operations quickly. The company paid a ransom of over four million dollars in an attempt to speed recovery, yet still faced significant downtime and fuel supply disruption.

These cases show an uncomfortable truth. Having data backups is not enough. If ransomware can reach your backups, your recovery plan could fail just when you need it most. Learning how to protect from ransomware also means making sure your backups can be restored fast enough to meet your business continuity needs.

Your first line of defense is prevention, and that starts with the same habits covered in phishing awareness training, since phishing is how most ransomware gets in the door in the first place. But when prevention fails, the next line of defense is a secure, isolated offsite backup that ransomware cannot touch.

What to Do If You Suspect a Ransomware Attack

If you think your systems have been compromised, the first few minutes matter. A few immediate steps can limit how far an attack spreads:

• Disconnect the affected device from the network immediately, including Wi-Fi
• Do not turn the device off completely, since some data may still be recoverable in its current state
• Avoid paying the ransom right away, since payment does not guarantee your files will be restored
• Contact your IT provider or helpdesk before taking any further action on the affected systems
• Preserve any ransom notes or messages, since they may be needed for reporting the incident

A responsive IT helpdesk matters most in exactly this kind of moment. Knowing who to call immediately, rather than figuring it out while systems are going down, often makes the difference between a contained incident and a much larger one.

What a Ransomware Attack Could Do to Your Business

Ransomware is malicious software that encrypts your files and demands payment for the decryption key. Once it gains access to your network, it can spread quickly, encrypting servers, workstations, and connected backup systems, typically locking you out from accessing any of them. When backups are also compromised, businesses face:

• Weeks or months of downtime during recovery
• Lost revenue and missed opportunities
• Permanent loss of important files
• Closure, as in the cases of Knights of Old and The Heritage Company

Learn How to Protect from Ransomware with Offsite Backups

An offsite data backup is stored separately from your primary network, often in the cloud or in a secure physical location. Because it is physically or logically isolated, ransomware cannot encrypt or delete it during an attack.

If Knights of Old or The Heritage Company had clean, isolated offsite backups, their stories might have ended differently. If Colonial Pipeline had a more efficient restoration plan, it could have avoided days of costly disruption. Offsite backups allow you to:

• Recover data after ransomware without paying the ransom
• Restore operations faster and reduce downtime
• Avoid the loss of both data and business continuity

How to Make Your Backup Ransomware-Ready

At minimum, every organization should keep its critical data stored in an offsite backup. For businesses that prioritize business continuity, a full offsite copy of their on-premises or cloud servers can make it possible to be up and running again within hours after an incident.

This level of preparation supports recoverability not only from ransomware attacks, but also from fires, hardware theft, and damage caused by natural disasters.

To protect your business, your backup strategy for ransomware should include:

• Automated data backup so nothing is missed
• Regular restore testing to confirm backups work when you need them
• Encrypted offsite backup for secure storage in transit and at rest
• Multiple backup versions so you can roll back to a clean point in time

The Canadian Centre for Cyber Security recommends testing your backup and recovery plan regularly rather than assuming it will work when the time comes. A backup that has never been tested is a plan, not a guarantee.

The Bottom Line to Protect from Ransomware Attacks

Ransomware is not just an IT problem. It is a business survival problem. Data backups only matter if they are protected, tested, and ready to restore when you need them. Ask yourself this: if an attack happened tomorrow and your primary systems were gone, how quickly could you get back to work? And more importantly, are you certain your backups would be there to save you?

If the answer is not a confident yes, now is the time to fix it. Build an offsite backup plan, test it often, and make sure it is isolated from your day-to-day systems. With the right preparation, a ransomware attack becomes a challenge you can recover from instead of a disaster you cannot survive.

Get Your Free IT Assessment

Not sure how your current backup and recovery setup would hold up against a ransomware attack? We offer a free IT assessment for Nanaimo and Vancouver Island businesses. We will take an honest look at your systems and walk you through what good protection should look like for your business.

Book Your Free Assessment