Identify Ransomware

Ransomware is a form of malware used by criminal organizations to encrypt data on infected systems, making the data inaccessible, typically requiring payment in return for a decryption key. Systems are typically infected by visiting a fraudulent website, or by opening unsafe email. Paying for the ransom does not guarantee that users will regain access to the infected system.

Any disruption in availability to data not only stops current operations but also negatively affects the perception of the company, affecting its future revenue. The decision to pay will be determined by various factors, including the scale of the attack, when it was detected, how quickly the business continuity plan kicked in, how widespread the ransomware encryption is, and when exactly the last back-up of uncorrupted data occurred.

Commvault identifies when a ransomware attack has taken place, alerts users and constantly protects backed up data by blocking rogue access. Commvault not only has had security built in since its inception, it employs special protections created to thwart ransomware attacks. Special files serve as known markers that can be monitored and agents block access to backed up data from the lowest level.

To understand the different methods Commvaultprovides to protect your data, see Ransomware Protection.

Last modified: 2/24/2020 4:59:21 PM