How to fortify your data in the event of a ransomware attack

The growth and evolution of ransomware have been one of the most destructive trends of the last decade. Its impact has shifted from being solely an economic crime to having significant global security implications, especially with its surge in the business sector.

According to Veeam’s 2023 Data Protection Trends Report, a staggering 85% of surveyed companies globally experienced at least one ransomware attack in the past year. Alarmingly, among those affected, only 19% managed to successfully recover their data without paying the ransom, while 33% were unable to recover their data even after making the payment.

In today’s era, the possibility of planning for 100% data compromise or unavailability has become a reality. Ransomware has become endemic, leaving companies struggling to grasp this notion.

Respondents to the report cited various challenges in maintaining effective data security, including insufficient tools, resources, skills, and concerns about the cost of ransomware defenses. However, the report highlights that 60% of businesses believe significant or complete alignment between their backup and cybersecurity teams is necessary, while only 45% consider their risk management program adequate.

Unfortunately, many companies are ill-prepared to handle ransomware attacks. In today’s interconnected environment, it’s not a question of if or when an attack will occur, but rather how frequently. Therefore, there are several points companies should consider implementing to ensure readiness.

Three critical areas need to be established before, during, and after an attack to secure company data. These areas focus on the people involved, the implemented processes, and the utilization of technology to mitigate risks.

Preparation is key

The best preparation one can do today will set up for success in terms of data security. While having the right tools is crucial, a company’s preparedness for an attack can make the difference between data being held hostage or successfully fending off an attack.

1. People: The human element is often overlooked. During the planning phase, it’s vital to establish policies for end-user data handling and engage departmental stakeholders. Emphasizing the importance of employees as part of the “human firewall” and an extension of the security team is essential.

2. Process: Documenting assets and identifying potential risks is critical. Restricting access to important information and creating a response plan are key steps. Prioritizing important IT assets and data for recovery is crucial, along with implementing relevant tools such as network security monitoring, encryption, web vulnerability scanning, penetration testing, and antivirus software. Regularly updating software and conducting threat monitoring is essential for resilience against ransomware.

3. Technology: Creating a data inventory and categorizing data based on sensitivity is vital for effective protection. Following the 3-2-1-1-0 rule, regularly backing up data in multiple locations and on different media types, including offsite and offline backups, ensures quick data restoration and minimal downtime.

Fending off an attack

While being attacked may seem terrifying, staying calm and trusting the process, alongside having the right support structures in place, increases the chances of emerging unscathed.

1. People: Establishing an incident reporting and response plan is crucial to promptly notify the security team of any data risks or compromises. Informing affected parties and collaborating as a team to reduce risk are important steps.

2. Process: Assessing whether response and recovery can occur simultaneously, gathering evidence, and communicating within the team and across the business are essential. Adjusting strategies as needed and following risk management programs support resilience and continuity.

3. Technology: Contacting the security team when noticing unusual activity, scanning for viruses, and removing them are important steps. Using software that provides secure backup and fast recovery from cyber threats, including ransomware, is advisable to keep businesses resilient.

let’s not do this again

Learning from an attack is crucial to prevent future incidents. Conducting post-mortems and self-assessments provide valuable insights for future strategies.

1. People: Having open discussions, analyzing timelines, and conducting honest self-assessments are important. Absorbing feedback and considering improvements for the future is vital.

2. Process: Evaluating what worked, identifying areas for improvement, and analyzing procedures are necessary. Ransomware prevention and detection strategies must evolve alongside the evolving threat landscape.

3. Technology: Regularly updating incident response plans and committing to long-term protection and recovery investments are essential for resiliency. Investing in prevention is much more cost-effective than settling ransom demands or dealing with lost revenues and market confidence associated with cyber-attacks.

Ransomware remains a pervasive threat. Organizations must continually evolve to survive and ensure business resilience.

The threat landscape is further influenced by advancing technology. Veeam’s 2023 Data Protection Trends report indicates that only 14% of companies in the Middle East and Africa experienced no ransomware attacks in 2022.

Securing and protecting data is imperative, with only 55% of encrypted or destroyed data recoverable after an attack. Vigilance and readiness are essential, as attackers only need one successful attempt, while businesses must remain alert to deflect attacks.

By Chris Norton, Regional Director: Africa at Veeam Software

Read more on ITNewsAfrica.com