Authored by: Rick Vanover, Senior Director Product Strategy at Veeam Software
The demand for data security is more important than ever before. According to a survey done by CrowdStrike on global security attitude, the number of organizations falling for supply chain attacks around the world have increased from 14% to 39%.
As we progress in the age of technology with tighter and robust security measures, a ransomware attack is still one of the biggest challenges faced by industrial enterprises. Today, hackers are using people's fears and confusion to create cyber threats while leveraging on the coronavirus situation – security risks such as system paralysis, data loss, and business interruption due to phishing attacks and malware have been emerging over the last few months.
Recognizing the different types of threats
There is incredible fragmentation in the types of threats in play today. The threats come in a number of different ways, behave a number of different ways and even attack differently. As an example, some ransomware threats can upload data instead of encrypting the data. The victim will be threatened by the hacker, leveraging on a public leak of potentially sensitive data. These disguises and behaviors make it very difficult to consistently defend against the landscape of threats. The rule to follow is to have increased awareness by monitoring and analytics of the IT environment to be aware of what is normal behavior in the IT infrastructure.
As a solution, organizations are highly recommended to increase encryption to help defend against threats. Using backup data as an example, take a step back and think about all the implications of a blackmail risk of using the whole backup of an organization.
At Veeam, all our clients are advised to implement more “nearline” encryption and enhancing security practices for backup systems. With this, backups are encrypted in every step of the way, including the first disk resource on-premises. Encrypting backups historically is a great idea when tapes leave the IT facility or if data is transmitted over the Internet; but now with these threats, the need for encryption comes nearer. Ideally, resiliency implementation can prevent this situation, but this is beyond the previous recommendation around encryption. Consider the factors that enabled that behavior:
Prevention is better than cure
If a blackmail threat happens, it is usually too late to take action – therefore organizations are highly recommended to use more encryption throughout. Encrypted backups or other data will be ineffective out of the management realm.
The IT security community is generally consistent in recommending that victims never pay the ransom. One of the best courses of action is to engage with a breach task force. There are IT security firms that specialize in the analysis of what happened and can advise to prohibit this from happening again.
Most importantly, ask yourself this question as an IT decision maker: Do you want to be in this situation? If your answer is no, it is time to act now. Implement ultra-resilient backup storage and stringent security measures all-around, secure the critical parts of your infrastructure and more.
Backup storage resilience
It is highly advised for organizations to implement ultra-resilient backup storage. It is the single most effective form of storage to be resilient against ransomware. Here are four ways organizations can have ultra-resilient backup storage:
This is the constant back and forth battle; we need to improve our IT resiliency continually. Organizations must constantly assess the risks and opportunities to be resilient with their technology deployments. Here in Veeam, we are constantly working to improve technical recommendations based on the threat landscape – we should all play our part and do the same.