Billing it as the last line of defense against ransomware attacks, BackupAssist is releasing its CryptoSafeGuard ransomware protection worldwide.
The Melbourne, Australia-based company is targeting small and medium-sized businesses (SMBs) with the release, saying the proprietary solution is robust enough for enterprises, but the lower price point will make it attractive to smaller organizations.
“A few years ago, ransomware was really just a threat to the military,” Troy Vertigan, VP of sales and marketing at BackupAssist, points out to ChannelE2E. “But recently it’s evolved into a threat to all businesses. That’s not just the top end of town, but it’s small and medium businesses as well.”
The threat from ransomware has grown more than 200-times in just one year, a number which Vertigan calls staggering. “Unfortunately I think everyone knows somebody that’s been infected,” he says. “It’s no longer imaginary.”
With that in mind, BackupAssist decided to take action a little less than a year ago when the company’s founder and CEO, Linus Chang, began to think hard about the problem.
As Chang points out, the FBI doesn’t actually have a solution for the problem. “When someone gets infected they recommend they just pay the ransom,” he tells ChannelE2E.
Starting with Security Safeguards
The company’s research showed people typically turn to anti-virus and anti-malware software to keep out malware, but those solutions often don’t go far enough.
“Ransomware used to just be social engineering where someone gets a word document, they open it up, click ‘enable macros’ and their computer gets infected. But now the infections are so much more sophisticated,” he says, pointing to the recent WannaCry attack as one example of malware exploiting operating software vulnerabilities.
“I know personally of people who have actively been hacked,” he says. “Hackers have broken in via weak passwords and installed ransomware on the network and held the business to ransom for two bitcoins.”
Meantime, there are more advanced techniques that security programs can’t reliably detect, he says. According to Chang, once ransomware makes its way into a network, businesses are especially vulnerable.
It’s what Chang refers to as ‘infection magnification.’ He explains that one infected computer can lead to triple the damage. Primary storage can be attacked, as well as distributed storage like Google Drive and Dropbox is also vulnerable. This has a large impact on remote workers and traveling salespeople.
“They really amplify the pain,” he says. “Because any corrupted files will get replicated to the cloud and then pushed out to other machines using that service.”
Once the malicious software has impacted head office it’s likely to corrupt the backup systems, according to Chang.
“Normal backup software will just backup whatever’s on the server. So if you’ve got corrupted files there it will just back them up,” he says. “And that’s a big problem because most backup software has a limited space for version history.”
“We’ve absolutely heard of people being forced to pay the ransom,” he says. “So that’s why we really focused on how to protect the backup as the last line of defense,” he says.
Backup Assist's Approach
Chang says BackupAssist is in a unique position to deal with this because of the company’s experience creating backups and scanning them for changes. That makes it easier for them to notice changes in the file and directory structures, mangled filenames, or malformed files.
Using that information they were able to create the CryptoSafeGuard solution. The offering is built around a suite of solutions the company invented to actively protect backups from ransomware threats, according to Chang. He explains they accomplish this in three ways:
- Detect: The program scans and detects the effects of ransomware activities in the source files intended for backup
- Protect: It includes features to stop ransomware from infecting backups from the BackupAssist computer
- Respond: It alerts users via SMS and email and preserves the last good backup by blocking future backup jobs from running
Chang says the important thing to note is that the features in CryptoSafeGuard are not designed to replace traditional solutions like firewalls and antivirus. Instead, they’re designed to be used in conjunction. Where antivirus and anti-malware are focused on the threat, BackupAssist asserts its solutions are based on the content, like an undo button to roll back the damage.
“We’re not claiming that we’re the only thing you need,” he says. “We are an excellent reactive defense against crypto lockout and other crypto-based ransomware. We believe people will still need active defenses. So absolutely you need to educate the users about social engineering, you need email firewalls, intrusion detection, antivirus and antimalware.”
Reaction And Channel Plans
According to Vertigan, reaction to the beta version of the program has been positive.
“We’ve had dozens and dozens of beta testers, and they’ve all been very excited,” says Vertigan. “The feedback has been fantastic.”
The company will market the solution as part of a subscription service dubbed BackupCare. The subscription gives customers access to newer versions of BackupAssist, support, and CryptoSafeGuard. That means anyone with an existing subscription gets access to the new solution without any extra cost.
For end-users who purchase off the company’s website, they can purchase BackupAssist and a 24-month subscription of BackupCare for $449. Channel Partners on the MSP program can purchase a subscription for $15 per month. “It's a great way for our channel partners to continue or even restart the conversation over backup subscriptions,” says Vertigan.
Growth has been largely organic since BackupAssist began operations in 2002, with the company relying on things like search engine optimization and word of mouth to get its name out into the world. Recently, the company launched its Partner Program in North America as it makes a push there. Now the company has more than 30,000 subscribing customers and partners in 165 countries.
Admittedly, numerous backup companies offer ransomware mitigation solutions -- many of which are specifically designed for MSPs that safeguard SMB networks.