The current COVID-19 crisis spurred an increase in cyberattacks taking advantage of the sudden shift to virtual work and uncertainty surrounding health and safety information. Between March and May of this year, reported ransomware attacks increased 148% with global manufacturing, government, and internet providers the hardest hit1. Ransomware attacks are the new “go-to” for criminal enterprises, becoming state-sponsored entities and costing global economies billions of dollars. Industry losses are projected to increase to $20 billion USD in 20212, forcing legislators, industry regulators, and company leaders to face the problem of ransomware head-on. As cybercriminals become more emboldened by the current economic and health crisis and more sophisticated in their network attacks targeting backups, CIOs and CISOs must adapt their backup solution to stand up against modern cybercrime.
Modern cybercriminals still use “email spoofing” as the primary method of attack, with 67% of network infiltration resulting from spam. However, instead of hackers locking access to the compromised computer or account, hackers “scan” network traffic, recording system administrator credentials and addresses of sensitive data. Once this information is compromised, hackers encrypt and/or delete petabytes of valuable data, causing irreversible reputational damage, regulatory fines, costly downtime, loss of customers, and ransom expense. In addition, paying ransom does not mean getting all data back or hackers leaving your network. Backups used to be considered a recovery option, but cybercriminals found backdoors in to delete or encrypt the backups as well. Protecting your backups starts with taking data security, integrity, and availability one step further than before.
Encryption is a standard practice amongst current data backup solutions but must be improved upon to handle the new wave of attacks. On top of encrypting individual files (data at rest), the connection to the NAS or SAN must be encrypted as well. Encryption keys should be changed regularly, and all users must be required to pass multi-factor authentication (MFA). Data integrity is the most important aspect to a backup and is key to restoring data in a ransomware attack. Data should be stored in an immutable copy and consistently checked for errors or changes. Lastly, accessibility determines how quickly a company rebounds after an outage or attack. Data must be stored in multiple locations and on multiple sources and continuously cross-checked to ensure data is not altered.
At Nexsan, we solve these challenges with our Unbreakable Backup solution which delivers an immutable solution to mitigate cyber security threats. Unbreakable Backup safeguards data integrity and deploys with Windows, Veeam, Commvault, and many other environments. Data is protected by individually encrypting each file to the AES-256 standard and changes the keys every 30 days with MFA for system access. Automatic periodic data integrity checks are performed utilizing a unique “fingerprinting” system, which finds and fixes errors, eliminating the need for a system administrator to manually validate. Lastly, files are stored in pairs and in multiple locations, guaranteeing access to critical backups in case of an outage.
Ransomware is the most serious threat facing organizations today in an increasingly cyber environment. CIOs and CISOs must arm their organizations with modern solutions to modern attacks or risk serious financial implications. For more information on how Nexsan can help your organization protect high-value data, contact sales@nexsan.com.
1) Lyons Hardcastle, J. (2020, April 17). Ransomware Attacks Spike 148% Amid COVID-19 Scams. In SDX Central. Retrieved September 1, 2020.
2) Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion. (2020, February 13). In The National Law Review. Retrieved August 31, 2020.