To maintain business continuity, each organization should develop a data protection and back-up strategy. To reduce the risk of data loss, firms need to back up files and databases. Firms will also want to back up their operating systems, applications, configuration. This ensures the protection of data from unauthorized access and data corruption throughout its lifecycle.
According to Florindo Gallicchio, Managing Director, Head of Strategic Solutions at NetSPI: “It’s time to acknowledge how critical data backup has become, especially since many ransomware strains attempt to delete backup files, as we witnessed with Ryuk.”
Ryuk is a type of ransomware known for targeting large, public-entity Microsoft Windows cybersystems. Here, the threat actors make sure that essential files are encrypted so they can ask for large ransom.
Expanding on the risks faced by the corporate sector, Gallicchio says: “Most businesses are faced with two significant risks when it comes to backups: the theft and public disclosure of sensitive data, and the disruption of critical business functions.”
In terms of the consequences, Gallicchio says: “If either of these risks occur, organizations could endure devastating consequences. To make sure that doesn’t happen, organizations need to proactively put strategies in place to bolster protection against these threat actors.”
There are different courses of action that firms can take to build in greater protection. Drawing on one such example, Gallicchio says: “One way to do this is by ensuring that backups with all of the organization’s critical data are routinely, completely, and securely assessed –– as this is a necessary step in recovering from a possible ransomware attack.”
Backing-up alone will not be enough, a degree of additional security is required as Gallicchio explains: “These backups should be encrypted so that sensitive data is not disclosed and stored in such a way that an organization can recover its data in a timely manner, as this is necessary to minimize disruption to business operations.”
As a further measure, Gallicchio advises: “Organizations should regularly revisit and test disaster recovery and business continuity plans to validate that ransomware and other threats won’t impact the integrity of any backups.”
Separation of data can also assist with safeguarding, says Gallicchio. This means: “Any highly important, sensitive data should be stored on an entirely separate network from the internal network. That way, if ransomware targets the desktop network, it cannot spread to the critical systems and cause complete chaos. While this is a long-term, and challenging strategy, it’s well worth the time and investment for organizations to counter the continuous risk of critical data loss.”
