Ransomware, security

How Prepared Are You To Survive Ransomware? Just Check Your R-Score

Ransomware can be hard to defend against. Difficulties begin with finding it in the first place, then stopping attacks, and, finally, recovering from those attacks. It’s so tough because the malware can have tentacles all throughout your infrastructure—on your servers, in your storage, on your network, even in your cloud backups.

Because of this, it can be challenging to even know where to start. Those problems prompted HYCU and several industry partners to create a tool that makes finding your level of preparedness to resist ransomware as easy as understanding your credit score.

The idea is that making it simple to quantify that information will encourage companies to discover the weaknesses in their infrastructure. And let’s face it—pretty much every infrastructure has soft spots, including yours.

HYCU calls it the “R-Score,” and it’s determined by taking you through a survey that asks specific questions in five categories:

  1. Backup processes
  2. Backup infrastructure
  3. Security and networking
  4. Restore processes
  5. Disaster recovery

Your answers add up to a single score that estimates your organization’s overall ransomware defenses. You also get a rating per category, so you might be strong in security and networking, but weak in disaster recovery, for example.

The survey asks specific, probing questions designed to glean your ransomware readiness. Here are some examples:

  • At what percent are backup SLOs aligned with business requirements?
  • What percentage of the backups have at least one copy of immutable or air-gapped backup?
  • What percentage of the Core Infrastructure Recovery Point Objectives (RPOs) are aligned with business RPOs?
  • Is the data in transit between the backup source and backup server encrypted?
  • Is the backup infrastructure on a segmented network?

One helpful aspect of the questions is that they have clear explanations that appear as popups upon hovering over it. These popups provide important contextual information for test-takers who may not fully grasp the thrust of the question. See Figure 1 for an example.

Figure 1: A popup providing context for a question in the R-Score survey.

ActualTech Media Media CEO Scott Lowe and ActualTech Media Partner and VP of Content James Green had a discussion in which they went through the survey, providing their thoughts on its usefulness.

“It provides a good roadmap to making it [ransomware preparedness] better … There’s nothing else like it out there right now,” Lowe said.

Lowe added that “I think this is going to be especially useful to small and midsize organizations” that may lack a dedicated security specialist.

Green was impressed with the initial iteration of R-Score and how it may open an organization’s eyes. “The thing I love about this tool is it helps surface the breadth of questions you should be thinking about. Then you can be taking a look at ‘Where was I not paying enough attention?’”

For instance, one question that Green said he’d never asked himself in his years in IT was, “Is the backup infrastructure using multi-factor authentication?” After taking the survey, it’s something he would take action on.

Going through the survey and accepting all the defaults, which would denote an environment with essentially no ransomware protection at all, yielded a score of 82. Conversely, re-taking the survey and picking the strongest responses provided a score of 957. Figure 2 shows the R-Score of another test that would indicate an environment ripe for attack.

Figure 2: A poor R-Score like this should serve as an alert.

R-Score is a collaboration between HYCU, Carahsoft, and FireEye/Mandiant. Green noted that although HYCU does provide an easy way to contact the company for help in remediating ransomware readiness issues, it’s not necessary to do so get your score—you can simply take the survey, get your results, and not have to provide any information to anyone.

In a blog announcing the tool, HYCU said that it would be regularly updated.

Given the non-stop ransomware assaults happening to organizations these days, especially with the rise of automated attacks and Ransomware as a Service, it’s imperative that organizations take action immediately. To remain passive in the face of this scourge is to be negligent.

And a good first action to take is getting your R-Score. It’s only a first step, of course, but it may provide an initial direction, showing you where you’re most vulnerable. That will allow you to prioritize hardening your ransomware defenses, going from your least to your most secure areas, making the best use of your resources, and protecting your operations as quickly as possible.

The R-Score tool can be found here.