Break through the silo mentality and teach everyone in a company to be aware, alert and pro-active, so that the cyber cleaning process is constant.
In tech industries critical messages need to be repeated often. Sometimes they can be complicated, so we reach for analogies to make messaging, particularly around problem-solving, more relatable. Discussing cyber security and the rise of ransomware attacks is more critical than ever because the problem is more prevalent than it’s ever been. Finding effective ways to drive the messages home so that true change can rapidly take place is a constantly inventive process. Making the complexities of cyberattacks sound familiar, and strategies to defend against them look obvious, does not diminish the serious nature of the risks and the remedies.
Emerging from two years of pandemic-related restrictions and resulting impacts on business, the concept of hygiene is immediately relevant to IT. When we were under attack from a virus, we wore masks, we washed our hands, were careful around others and defended ourselves and those most dear to us. Hygiene also brings to mind how we look after our teeth. Dental hygiene is impressed upon us to defend against decay and infection; the processes by which we keep our teeth clean, healthy and strong are a best practice way of living. We can apply these analogies directly to the topic of cybersecurity, which needs its own practices of hygiene.
October was Cyber Security Month and in Australia we witnessed an alarming spike in ransomware attacks on large corporations, maliciously affecting millions of citizens whose personal data was compromised. That is the publicly known tip of a huge iceberg wreaking havoc all year and involving many organisations across the 16 countries surveyed in Veeam’s 2022 Ransomware Trends Report. The report presents a confronting picture of the effectiveness and pervasiveness of bad actors. It shows that 80 per cent of attackers seek out mainstream systems with known vulnerabilities, and that nearly 50 per cent of data centre servers, remote offices and cloud-hosted servers were targeted and encrypted in 2021. The figures will be higher for 2022 and we will see multi-layer, end-to-end attacks. It is an insidious infection spreading globally. It is therefore time for an end-to-end clean-up of data management with a heightened plan of defense.
The threatscape is evolving
Cyberattacks are getting more sophisticated. Longer dwell time, less obvious pattern recognition capability with intermittent encryption, all make an attack more difficult to detect. With the ability of attackers to branch out horizontally, erasing data at will, a ransomware payment within deadline won’t have prevented rapid data theft, deletion, or both.
If your house contains valuable possessions, you are unlikely to display them by an open door under spotlights. You are going to lock the doors and get motion detector lights. If you have an alarm, you are going to set it, and you will teach everyone in the family how to set that alarm before they go out or go to bed. The home security analogy is another way to consider cyber security. Reduce the threat of inviting thieves to your home. Reduce the threat of having your company’s data stolen or wiped.
Best practices to protect a business
Every individual in a business is part of the security solution. Hire backwards in the pipeline, find young hungry graduates who can be trained from the start in these practices. Break through the silo mentality and teach everyone in a company to be aware, alert and pro-active, so that the cyber cleaning process is constant and when a breach occurs, nobody is paralysed. Much of the threat vector can be eliminated with simple, mandatory steps, teaching all staff to focus on the big picture while paying attention to the small details. Don’t click on that link. Practice patch management. Change the password. Update the firmware. Train users on Phish. Set up multifactor authentication, not just for remote access, but for all critical applications. The simplest way to exfiltrate data is to use the applications already in place that do not cost extra. They are the human components of everyday digital cleaning and essential before even looking at backup processes.
Another analogy: you look both ways when you cross the street, even when you know it is a one-way street. That is what everyone needs to do – be cognisant. Take that extra small step, and if everyone does that, the combinatorial effect is a powerful defence against the threatscape. Some businesses even do role-playing as part of staff training. Play “hackathon” for the day and find out what you can do to break the system. And then look at how you respond.
Backup is the last line of defence
The house is clean and in order, but theft can and will still happen. Secure backup is your last line of defence against ransomware. You can only recover what you backed up. Ransomware has democratised data theft, since targeted data only needs to have enough value to the victims, so they are convinced to pay ransom to recover that data. This model of ransomware has been successful despite increased investment in defensive security technologies. Look for a software-defined approach with no lock into proprietary hardware, working with your company’s existing architecture and operating both on-premises and in the cloud. Ensure it is a portable data system that can be moved securely at a moment’s notice. When there is an attack, the data can be brought back, but not to where it was stolen from. The nuance is how that data is retrieved and how quickly it is secured in a new destination.
Good digital hygiene will always be a company-wide responsibility. There is no single person, regardless of role, who is not a participant in the security response team for your organisation. Your team is your defence force. And your data service provider is an essential weapon in your armoury. Working together, the battle can be won.
- The author is Senior Director Product Strategy, Veeam and Dave Russell, Vice President Enterprise Strategy, Veeam