Ransomware attacks are often seen as just nuisance when you have a good backup. However it is a disaster for many businesses when you have no fallback.
Remember a ransomware is a monster with two heads. One, it denies you access your data. Two, what is often not talked about is the fact an intruder (well, in the form of a malware) came into your system and scrambled your files. This effectively constitutes loss of control as someone had laid their hands on your files. They surely had the ability to take your data out of your environment regardless whether the data was encrypted (by you) or not. Often times the majority of organisations don’t have a policy to encrypt data at rest.
Recently the cyber criminals have started to switch gear and threaten victims who don’t pay up to release data they smuggled out. They are also using this as a form of public shaming for those victims who try to swipe the incident under the carpet by just recovering their files from a backup.
We will see this last tactic more often and the best remedy is encrypting your data at rest.