Dissecting two ransomware attacks on hospitals (Restore it All Podcast #77)

Prasanna and Curtis talk about two recent ransomware attacks on hospitals and what we can learn from them. They also discuss things you can do to protect yourself from such attacks, and how to prepare to respond if you get one. We especially talk about the 3-2-1 rule and the remote desktop protocol (RDP) and how these figure into protecting yourself from such things.

----- Signature and Disclaimer -----

Written by W. Curtis Preston (@wcpreston). For those of you unfamiliar with my work, I've specialized in backup & recovery since 1993. I've written the O'Reilly books on backup and have worked with a number of native and commercial tools. I am now Chief Technical Evangelist at Druva, the leading provider of cloud-based data protection and data management tools for endpoints, infrastructure, and cloud applications. These posts reflect my own opinion and are not necessarily the opinion of my employer.

4 thoughts on “Dissecting two ransomware attacks on hospitals (Restore it All Podcast #77)

  1. James Ganong says:

    Seeking clarifications on the 3-2-1 rule.

    When you say 3 copies, does the original data count as a copy?
    Or is it the original, plus three other copies?

    Currently, I have a fileserver with the original data,
    a backup fileserver in the same room,
    and another backup fileserver in another county on the internet.

    It would be really hard to talk my office into buying another fileserver.
    I have an extra raid that I could add to the original file server,
    and keep a copy there along with the original data.

    I know you might say “It’s more of a Guideline than a Rule” but think it might help more people than just me to clarify this, because it is hard to keep up the energy to stand up that fourth server!

    • W. Curtis Preston says:

      The 3 is three versions. Most people have many more than that, and I personally wouldn’t count the original as one of those versions. But don’t confuse it with the 2 copies. That is saying that you should have the backups on two different pieces of media. You could have three additional versions all on the same tape/disk. The point of the 2 is then to make sure to have those on different media. Neither would I could the original as one of the two copies on different media.

      • James Ganong says:

        Thanks, I googled it and I see your article in Networkworld, “For secure data backup, here’s how to do the 3-2-1 rule right” and that clarifies it more for me.

        • W. Curtis Preston says:

          LOL. You know what’s annoying? When you’re ME and you’re trying to get clarification on something, and all I find is articles and blogs I wrote. Not helpful.

Comments are closed.