As the year draws to a close the rate and pace of cybersecurity incidences shows little sign of abating. December 2021 has already seen three significant pubic ransomware attacks (each of which occurred within a three day period).
To add to these incidences, Log4j is now being exploited by ransomware. Apache Log4j is a Java-based logging utility, which is used by millions of computers worldwide running online services. In relation to the security flaw, a wide range of people, including organisations, governments and individuals are likely to be affected by it.
This type of vulnerability and others like it signal to every organization the need to be on red alert. To help businesses prepare for 2022, Digital Journal caught up with Simon Jelley, a ransomware expert at Veritas Technologies. Jelley advises:
Centralize your data backup
According to Jelley: “This will help ensure all your data is protected and backed up, eliminating the protection gaps that may be present without centralization.”
Strengthen the resiliency of your centralized data backup
Jelley recommends: “Harden it against ransomware attacks by encrypting data at rest and in transit, using digital certificates and integrating a PKI, using strong authentication and user roles, leveraging containers for an easy patch management process, and implementing anomaly detection to detect potential ransomware.”
Develop a plan for when a crisis strikes
Jelley adds: “Even after implementing the above, it’s still necessary to develop a plan for when an attack happens. Being proactive and creating a plan will help you react appropriately and expeditiously in the event of an attack, thereby limiting the effects and scope of the crisis.”
Test and test again
A further point from Jelley runs: “It’s critical that you test your protection strategy before a disaster event like ransomware happens. This includes drilling your ransomware recovery plan outlined above.”
Educate employees and business leaders
Jelley explains: “Taking the time to educate yourself, your leaders and company employees about the risks and signs of ransomware can help not only prevent an attempted ransomware attack, but detect a successful one early, potentially preventing it from even getting near your data backups.”