The surge in ransomware attacks during the COVID-19 pandemic has been well documented. There has scarcely been a sector that has not fallen foul of ransomware attacks, with pipelines unable to deliver fuel to hospitals unable to treat patients.
Indeed, the number of attacks grew by an incredibly 93% during the first half of 2021. The expansion in attacks has coincided with increased ambition from attackers themselves, with demands made growing by 518%.
With the ransomware insurance industry growing, there is a tendency to simply pay up and regard it as an operational cost of doing business. As I argued in a recent article, this is often the worst strategy, as swift payment merely emboldens criminals to continue targeting organizations, especially given the poor conviction rate law enforcement agencies are able to secure.
When dealing with a loss of data, providing the concern is not that sensitive information will be leaked then the best weapon in your armory is to have an effective system of backing up your data. Often the best chance organizations have of beating the ransom demands of attackers is to understand the importance of time, or in other words, the speed with which systems and data can be recovered.
To do this well requires effective and thorough planning, with a good first step being to conduct a thorough audit of the data and apps used across your IT systems and attempt to order them according to their priority to your business. This will be crucial if an attack is made as it will allow you to focus on the parts of your system that need to be restored first to ensure business continuity. These will be apps that have a recovery time objective of minutes.
You should be aiming to ensure that your backups are both comprehensive and robust, with this taking on particular importance during a pandemic in which remote working has become the norm. The best practice here will be the 3-2-1 rule, which posits that there should be three copies of your data, that is stored across two different forms of media, with one copy kept off-site. This offsite backup should ideally be isolated from your business network to help protect against ransomware.
As data is increasingly the lifeblood of modern businesses, it's vital that backups are made on a regular basis to ensure there is a minimal lag between what is contained in the backup and the current state of your data. The frequency of data backup is especially important for off-site backups, and if the risk of attack is high then more frequent backups might be a sensible precaution.
Full article here.
#backup #ransomware #yokdata #data #storage #cloud #secure #privacy