Is your Data Protected from Ransomware Attacks?

It's no longer If, it's When

Powered by Asigra® Learn more

Ransomware attacks are increasing on an almost daily basis and are the No.1 threat to organisational resilience.

Ransomware is the most likely form of attack to happen to your Windows network and MS365 data, and is the most impactful

Just how big is the ransomware threat?

Here are just a few examples of recent high-profile ransomware attacks:


Attacked by Ransomware in December 2019, they had their shares suspended in March 2020. Read more here

Orange Business Services

Suffered an increasingly common, double extortion ransomware attack, with the data of enterprise customers being stolen, in a pre-encryption process. Read more here


Reports claim £7.8m in ransom paid to release decryption keys after GPS service taken offline. Read more here and here 

Beazley Cyber Insurance Underwriting

Leading Lloyds underwriter, Beazley saw a 131% increase in annual Cyber Insurance claims, with 24% linked to a compromised IT provider or vendor. Find out more here


Ransomware has Evolved

Ransomware used to announce itself in a big bang as soon as it accessed your network.  It scared you, but restoring your backup would often resolve the problem. Since 2017, ransomware has been evolving. Hackers have realised they need to disrupt the backup and recovery processes to make it more likely an organisation will pay the ransom.

How has ransomware evolved?

The average period between Cyber breach and detection is now 207 days, Evolved Ransomware uses this time to infect Windows and MS365 data, including local and offsite backups, without detection.

The ransomware relies on busy, untrained staff letting it in and not spotting the breach.

It waits for just the right time and then BOOM!

  1. Ransomware breaches your network, most likely via email.
  2. It remains seemingly dormant, not detonating.
  3. The ransomware is infecting your backups, as each backup takes place.
  4. The backup cycle completes, between 30 & 90 days, and then...
  5. The ransomware detonates, creating an Attack Loop.


The Impact of an Attack Loop

What is an Attack Loop?

Put simply, an Attack Loop means you cannot restore your data. As the ransomware lay dormant, it infected, or encrypted, all copies of your backup so you no longer have a clean version to restore from. The Attack Loop starts as soon as you try to recover your data.

What's the solution?

The best approach to this is to embed cybersecurity software inside the backup software, that scans for malware during backups and recoveries. Asigra’s Cloud Backup does exactly this and that is why Data2Vault recommends only Asigra.



On backup, your files are scanned in real-time, isolating malicious code and alerting administrators of infection.

Before restoration, files are scanned again to prevent the attack loop.

Our sophisticated malware detection engines identify both known and unknown malicious embedded code, including "zero day" attacks.



What is the Solution?

The best approach to this is to embed cybersecurity software inside the backup software, that scans for malware during backups and recoveries. Asigra’s Cloud Backup does exactly this and that is why Data2Vault recommends only Asigra. 

The Attack Loop service offers three layers of protection against the threat of Ransomware infection, the most comprehensive approach available today ... 

  1. The scanning of file backup data for zero day exploits during the data collection and data restore process. This prevents Ransomware infected data being recovered into the network and creating an Attack Loop. 
  2. The use of variable naming for all Asigra backup files, making them very difficult for Ransomware programs to locate. Advanced, but increasingly common strains of Ransomware such as SAMSAM, Zenis, SAMAS and CryptoWall locate and delete popular backup files before encrypting the user data. With the deletion of backup files the organisation is at high risk following a Ransomware incident. 
  3. The Attack Loop service applies a 2 Factor Authentication check at the administration level to all mass deletion requests. If a Ransomware program tried to trigger a “delete all backup files” request this would pass to your system administrator.


Now is the time to act

Ransomware is not a new phenomenon, yet technological advancements by savvy cyber-criminals have totally changed the game.

Targeted attacks are becoming more dominant because companies are much more likely to pay to have their business critical data released.

Protecting your business from ransomware is today's most important task. Complete the form below and we will be in touch very soon.