#Guide #Stopping #Global #Cyber #Crime #Local #Level
Cyber attacks put everyone at risk by compromising the data that runs the world and cost companies millions of dollars. Simon Taylor, founder and CEO, HYCU, shares how organizations can take steps to prepare, react and recover from a breach without paying a ransom.
Ransomware is the most significant cyber threat faced by private and government organizations. These organizations manage crucial data, from healthcare to education to infrastructure. Cybercriminals accessing and holding that data for ransom threaten our everyday activities and potentially our lives. The key to mitigating that threat is prevention, response and recovery.
Data is our most valuable and exploitable asset. Our society relies on it to survive, and losing data costs money and reduces global security. Each company plays a role in the endeavor to secure this vital asset.
The Impact of Cybercriminals
How much damage do cyber attacks cause? Take a look at these statistics.
- Emisoft statistics reveal ransomware attacks hit 77 local governments and agencies, disrupted learning at more than one thousand schools, and compromised 1,200 medical sites in 2021.
- The Cybersecurity and Infrastructure Security Agency (CISA) reported ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors.
- According to Palo Alto Networks Unit 42 2022 Ransomware Threat Report, 58% of IT decision-makers surveyed say their organization paid the ransom, with 14% saying their organization paid more than once.
- Ransomware will cost its victims around $265 billion annually by 2031, according to predictions from Cybersecurity Ventures.
Each time an organization pays a ransom, it emboldens cybercriminals. Being prepared to recover data in case of attack prevents the need for payments and removes the financial incentive for the hackers.
Steps to Prevent Breaches
Hacking has become incredibly easy. Ransomware as a service means people don’t have to write code to execute an attack. With more bad actors out there, taking immediate precautions to protect your data is imperative.
Organizations can take these steps to help prevent a breach:
- Installing regular software updates.
- Requiring multi-factor authentication.
- Maintaining an inventory of devices connecting to your network, especially those with access to sensitive data.
- Limiting access to data and minimizing password sharing.
- Hiring a managed service provider (MSP). This is especially crucial for smaller companies that may not have the resources to monitor their systems by themselves.
- Training employees.
Training employees may be the most vital step. Stanford University research found that employee mistakes cause 88% of data breaches. Company leaders must take the time to educate their staff about phishing and other security threats and implement best practices to prevent them.
With the current state of cybercrime, anti-intrusion measures matter. But don’t stop there. Prepare your organization to respond in the inevitable event of a breach.
Reacting to an Attack
Breaches are expensive – the longer your system is down, the more it costs your organization in time, lost revenue and resources – not to mention the risk of being unable to access crucial data. But you can keep criminals from accessing your most valuable assets and set yourself up to recover and restore your data quickly with the right backup and recovery strategies.
Let’s look at the necessary steps:
Back up your data
Under the cloud shared responsibility model, in an enterprise that runs and manages its own IT infrastructure on-premise, IT staff is responsible for the security, as well as the applications and data that run on it. That means your cloud service stores your data but places the responsibility on you to protect it. Bringing in a third party to look after your data can ensure you have the proper steps and policies in place to recover lost data.
When backing up your data, you need to understand where it is backed up and if you have immutable storage where no one can access it. One standard to adopt is the 3-2-1 rule: your data should be backed up three times on two different media (on an appliance and in the cloud, for example) with at least one backup offsite. You should also periodically check to ensure your critical information is, in fact, stored.
Have a recovery plan
Many companies may be surprised to learn they can’t recover their data, even if it is backed up. A backup system is only as strong as the recovery plan. Your data may be lost without one.
If you are hacked and decide to pay the ransom, should the hacker actually return access, there is a significant amount of cleanup required, including removing hacked files and inspecting databases in addition to restoring the data. That process can cause extensive system downtime and drive up the costs of the attack. If you don’t pay a hacker, rebuilding your network from backups is not a quick operation without a restoration process. This process requires a pre-planned step-by-step procedure to retrieve and restore your data. This strategy significantly cuts the time needed to get your system up and running. You might consider three restoration infrastructures: software, appliance, or Backup as a Service (BaaS).
Using software involves in-house deployment of backup software. Third-party appliances combine the software and hardware components necessary to back up data within one device. Backup as a Service provides automated, no-maintenance backups.
Each infrastructure has its pros and cons, but Backup as a Service can make a recovery from offsite backups faster and simpler than the other solutions. It also reduces the amount of regular backup maintenance required from your organization’s IT department.
Test your strategy
Your disaster recovery process is not a set-it-and-forget-it strategy. You need to write out the plan. Set a schedule to update the process based on business needs and IT environment changes. Don’t forget to test it to ensure you can execute the plan during a worst-case scenario.
Are You Ready to React to an Attack?
For the cyber ecosystem to work together to stop global cybercrime, organizations need to focus on quantifying what steps they can and should take to avoid paying a ransom.
There are multiple free services available to evaluate your company’s readiness to respond to an attack, that identify gaps in backup and recovery processes so you can address them.
We are all in this fight together. Ensuring you can recover your data without paying a ransom saves you significant time and money and removes the incentive for criminals to continue their attacks. It will take all of us to end the global scourge of ransomware and make the world a safer place for everyone.
How are you upgrading your cyber attack response strategy? Tell us on Facebook, Twitter, and LinkedIn.
MORE ON CYBERCRIME: