Be Prepared So You Don't Have to Pay Ransomware | Zerto

The Value of Being Prepared – Cascadia Rising, Bitcoin and Backups

By Keith Taylor, Product Specialist at Zerto

From the 7th– 10th June, an absolute behemoth of a preparedness exercise was carried out involving approximately 20,000 people in the Pacific Northwest region of the US.  With personnel from federal, state and local government, multiple branches of the military, plus participants from local communities and the private sector all involved, it was one of the largest such drills ever undertaken.

The purpose of the exercise was to prepare for and test the coordination and effectiveness of the agencies involved in response to an unprecedented 9.0 magnitude earthquake, and the inevitable resulting tsunami along the Cascadia Subduction Zone (CSZ).


The CSZ itself is a 600-mile long fault that runs just off the coast all the way from Northern California to British Columbia.  Great Subduction Zones such as CSZ produce the largest earthquakes in the world – only these source zones are able to produce quakes with a magnitude greater than 8.5.  Research has shown that this fault produces a major (9.0+) magnitude earthquake every 500 years on average, however where big quakes have historically been separated by as little as 200 years or as much as 1,000 years, predicting when the next big one will hit is difficult to say the least.  As tectonic pressure has been building up in the region for over 300 years though, seismologists have warned that the fault could rupture at any time and so the Cascadia Rising drills have sensibly been carried out in preparation for the big event, if and when it does occur.

I love to see this level of preparedness and forethought.  If you haven’t cottoned on by now, I’m a big fan of Best Practice mentalities and doing something right the first time around.  It makes life so much easier in the long run. Planning ahead for any eventualities —  albeit usually on a completely different scale to Cascadia Rising — is key to ensuring that your business is agile and resilient enough to cope with both anticipated and unforeseen threats.

By now you’re probably familiar with at least some of the content I’ve produced for Zerto around Recovering from Ransomware. I came across a very interesting article this week on the Crypto Coins News website discussing some figures obtained in a recent Citrix survey conducted in the UK.

36% of businesses with 250-500 employees store cryptocurrencies.
57% of businesses with 501-1000 employees also have a stockpile.
18% of large businesses with over 2,000 employees amass bitcoin.

I think that everyone now agrees that Ransomware is one of — if not the greatest —  threat to businesses worldwide at this present moment.  But how do you prepare for this?  According to this Citrix survey, an alarming large number of organisations seem to have decided that the best way to prepare for a Ransomware attack is to stockpile Bitcoins so that they can pay the ransom when it happens.

Now I must admit that I find this to be a mind-boggling way to counter this threat.  Not least because as we’ve seen before, paying the ransom is no guarantee that your files will be decrypted – I refer you to the recent case just last month of Kansas Heart Hospital, who paid up only to have the attackers turn around and demand a second payment.  And this is far from the only example.

There were two particular statistics revealed in this survey that I find the most worrying though, particularly when viewed in tandem.  The first is that larger firms (employing 2000 people or more) are willing to pay in excess of £50,000 to regain access to their data.  Combine this with the more worrying (and honestly kind of unbelievable) statistic that 48% of businesses still don’t backup their data more than once per day and seriously, I just can’t see the logic here…

(Side note:  It’s also worth noting that Backup is not Disaster Recovery – read why here)

To me, this is not preparedness at all.  This is more of a knee-jerk reaction, a quick-fix to a problem.  Maybe some organisations feel that they’re unlikely to suffer a Ransomware attack and so, rather than invest in a proper solution, they stockpile funds that can be reallocated at a later date if nothing happens.  I find that to be a rather short-sighted approach however as whilst the threat may be Ransomware today, how long will it be until this changes or evolves into something new?  How are you going to cope with it then?  Chances are that stockpile won’t help…

Regardless of how likely or not a business may be to suffer a Ransomware attack or anything else that might entail a disruption to operational activities, if the threat exists then Best Practice means you should act to counter it in advance – and I do mean counter, not acquiesce by preparing to pay a ransom.

Looping back to my introduction here, this is exactly what the Cascadia Rising drills were all about.  Okay so the chance of a colossal magnitude 9.0+ earthquake might be small – tiny, even – but the impact if it does happen will be tremendous.  Now, I appreciate that our abilities to “counter” that particular event are severely limited, but this is why preparedness becomes so essential.

This doesn’t just mean being aware of a potential threat and having a plan to deal with it, but also making sure you have the ability to put your plan to the test, to make sure it works as you expect.  The fact that 20,000 people across goodness-knows how many organisations can come together to carry out an exercise like Cascadia Rising, in my book, means that ALL businesses should be able to manage this without too much difficulty as well.  The solutions are out there; you just have to recognise the need for them.

And so it is, that I applaud the many thousands of people who got involved in recognising the threat, planning ahead, conducting thorough tests of their capabilities and striving to collaborate to reduce the impact to humanity.  I sincerely hope though, that the day we need the knowledge and expertise gained during the Cascadia Rising exercises, is still a long way off.