The stat is a few years old but still chilling: Cybersecurity Ventures projected that, as early as 2021, a business would be hit by ransomware every 11 seconds. Today the projections talk about a handful of seconds. The message is simple — the clock never stops, and the line of victims moves fast.
The part few managers face: the attack isn’t the worst problem. The inability to restore is. Paying the ransom doesn’t guarantee your data comes back, and data that comes back corrupted costs as much as data that’s lost for good.
This is where we separate backup from backup theater. A backup that was never tested, sits on the same network that got encrypted, or can be wiped by the same compromised credential — that backup was already gone the moment the attack started.
What actually survives ransomware
- Immutability (WORM / air-gap): a copy nobody — not the admin, not the attacker — can alter or delete within the retention window.
- The 3-2-1-1-0 rule: 3 copies, 2 media, 1 offsite, 1 immutable, 0 errors on restore verification.
- Tested restore: if you’ve never restored, you don’t have backup — you have hope.
The good news: you don’t need a six-figure proprietary license for this. Bacula and BareOS are open-source enterprise standards, and PodHeitor Backup layers immutability, global deduplication and a Rust-rewritten File Daemon on top — at a fraction of the cost per TB.
I’m Heitor Faria, MSc in Applied Computing (UnB), author of the Bacula book (PT/EN/ES) and PodHeitor lead developer. I’ve deployed and trained backup teams across dozens of organizations.
👉 Want to know in 30 minutes whether your company would survive a ransomware attack tomorrow? Book a free assessment with me. And if you want to fix it for good: we offer in-company training + low-cost deployment of Bacula / BareOS / PodHeitor for your team.
Disponível em: 
Português (Portuguese (Brazil))
English
Español (Spanish)
