Guard against ransomware and business disruption with offline backups
A major auto manufacturer’s factories and operations around the world were recently paralyzed when a ransomware attack knocked it offline. It was just the latest in a troubling upward trend of high-profile attacks.
In fact, ransomware attacks have been riding on an upward trajectory for the past couple of years, increasing dramatically in 2020, and becoming more insidious in the process. In April, a joint alert from key United States and United Kingdom federal agencies warned of malicious actors using the COVID-19 pandemic as part of their tactics as a notable increase in cyberattacks across sectors and industries ensued.
Corporate enterprises and governments used to be the main targets of cyberattacks, but now any organization with an online presence is vulnerable. The surge in remote working due to the pandemic significantly increases risk as IT departments balance the demands of security, remote access and business continuity. Widespread use of new apps and solutions, credential sharing, unsecured Wi-Fi, weak passwords, lack of encryption and more provide cybercriminals with many opportunities to exploit gaps in security.
Cybercriminals, emboldened by new vulnerabilities brought on by the dramatic and sudden shift to a distributed workforce, are discovering successful ways to use COVID-19 related themes to target enterprises and organizations. They’re also demanding higher fees and using social media to publicize and boast about their attacks. These tactics are being used to inflict more pressure on organizations to comply with demands, on top of obstructing day-to-day business operations and threatening to inflict reputational damage if ransom isn’t paid.
IT professionals at organizations of all sizes are left to navigate a new landscape where cyberattacks have potentially more severe consequences. The constant threat of cyberattacks is exacerbated by numerous factors that organizations are having to consider, perhaps for the first time:
- Remote management
of data centers: As employees work
off premises, security must often be managed remotely, adding complexity –
and vulnerability – to data protection.
- Distributed
workforce: Employees working
off-premises increases security and privacy complexities as workers use a
variety of devices that may belong to the organization, a third-party vendor
or be personally owned. Home settings are likely to be less secure than
onsite where IT departments can provide better oversight and assistance.
- Bad cyber hygiene:
In the interest of ensuring business continuity during the shift to
unprecedented levels of remote working, some organizations felt forced to
relax security policies and / or employees sought “workarounds.”
Overreliance on inherently weak passwords, credential sharing, unpatched
vulnerabilities, outdated software, downloading unauthorized applications,
all contribute to risk.
- Stressed
out/stretched thin IT teams:
Because of the COVID-9 crisis, IT professionals found themselves very
rapidly supporting a distributed workforce while at the same time tending to
organizational requests that fell outside of their traditional roles.
- Cloud complexity:
Increasingly, more business is
done in the cloud amid expectations that the cloud is secure. While the
cloud enables immediate access to business-critical data, the cloud isn’t a
panacea. Cybercriminals increasingly target cloud vendors for gateway
access to corporate information.
- Lack of resources
and budget: As companies struggle
with budget cuts, IT departments are under even more scrutiny to perform
daily operations with limited resources. Unfortunately, data breaches
continue to drive security investment, rather than careful, proactive
cybersecurity planning.
Cyberattacks will undoubtedly continue, making it
critical for companies to arm themselves with strong security policies that are
tied to solutions proven to work. Having a reliable backup system for data is an
important building block of a modern data protection plan.
3-2-1-1 – The new ‘Backup Rule’
While companies and enterprises
evaluate their security strategy to account for heightened cybersecurity
attacks, IT and storage professionals must consider best practices to safeguard
their companies’ data in this new landscape. The traditional 3-2-1 “Backup Rule”
recommends that at least three copies or versions of data is stored on two
different pieces of media, one of which is off-site. The United Kingdom’s
National Cyber Security Center (NCSC) recently released guidance about the
importance of offline
backups as a defense against ransomware, supporting the modification to the rule
to a 3-2-1-1 strategy.
Tape Backup Can Be a Game Changer
In a situation like the recent Honda cyberattack that
halted operations globally, tape technology’s offline storage could have quickly
restored from backups and minimized down time. Linear Tape Open (LTO) is an
example of a high-capacity, single-reel tape storage solution that’s an open
format and licensed by some of the most prominent names in the storage industry
to ensure a broad range of compatible tape drives and cartridges.
Tape technology has the inherent ability to create a
physical barrier from a network, securing valuable long-term data from
cyberattacks. The core strength of tape technology is that unlike connected
solutions, even those with some ransomware safeguards, it offers a completely
physical and disconnected air gap. The air gap nature of tape operations, along
with its ability to maintain separated data images that cannot be corrupted,
allows tape to serve as a fail-safe method against ransomware. Moreover, if a
company's entire data environment were to be compromised, tape can restore data
at speeds of up to 360 MB/sec native, 750 MB/sec compressed, outpacing cloud
solutions.
The use of tape technology helps fulfill the criteria for
advanced data protection by adding another layer of defense with offline
storage. The air gap created by offline storage is essential to thwarting more
sophisticated ransomware and malware that attempts to corrupt live, backup, and
archive data simultaneously. Additionally, offline storage ensures that
organizations have a copy handy for quick restoration to better handle “hostage”
ransomware situations.
Contact your BackupWorks.com Account Rep today
and ask about LTO Tape for your Backup and Archiving envrionment 866 801 2944