Ransomware attacks are up 148% amid COVID-19, as cybercriminals take advantage of the new work-from-home world and target vulnerable industries and populations.
Ransomware penetrates an organization’s IT infrastructure through phishing emails or endpoint vulnerabilities and then encrypts files, holding data hostage until a fee is paid to decrypt them. The FBI has deemed ransomware the fastest growing malware threat, causing significant revenue loss, business downtime and reputational damage.
It’s critical organizations protect their data by following the best practices below.
To minimize downtime and avoid having to pay ransom, IT teams need to have immutable backup copies of data so a clean copy can be restored if a ransomware attack occurs.
Security is always a layered approach, and the last, best security layer for ransomware protection is a backup data copy on immutable storage. Once written, the backup data cannot be changed or deleted and therefore cannot be encrypted by ransomware. If an attack occurs, organizations can restore an unencrypted data copy via a simple recovery process without paying ransom.
Select enterprise storage systems now offer data immutability via a feature called Object Lock. Part of the S3 API, Object Lock is supported by multiple storage manufacturers, cloud providers and data protection software vendors. With Object Lock, data can be made immutable as part of an automated workflow, eliminating the need to handle physical media. The resulting security is comparable to offline storage but more scalable and accessible. Object Lock can also be fully automated using on-premises disk-based storage.
Object Lock makes data immutable, but to be fully protected you must also ensure the storage system itself cannot be compromised. If a hacker could gain direct access to the hard drives, for example, it might be possible to circumvent the storage software and wreak havoc. For this reason, look for an integrated storage system that is certified to meet government requirements for secure storage and non-rewriteable media.
Evaluating your cyber insurance coverage
Beyond following the best practices above, organizations should evaluate their cyber insurance coverage, as insurers will expect customers to do everything possible to minimize risk. Ask the following questions when assessing coverage to determine if you’re sufficiently protected:
With the remote work trend continuing in 2021, ransomware will remain a major threat. Therefore, organizations should: look for tamper-proof storage solutions that provide data immutability; keep up with evolving cyber insurance requirements; and ensure they have the right level of insurance. Doing so will make any ransomware attack that occurs manageable rather than catastrophic.
© 2011-2023 All rights reserved