Some businesses leave their data completely unprotected and never lose it. Some people run across eight lanes of the Marsa bypass in the rush hour and reach the other side unharmed. In both cases, it’s a matter of calculating whether the cost of acting safely is worth it when compared to the probability and the cost of failure.
Based on actual evidence and case histories, there is a surprisingly large number of factors that can pose a threat to your data. The obvious and well-known factors are cybercrime, natural disasters, or hardware failures but some of the most common ones also include a simple human mistake (clicking the wrong option) or malicious internal actors (for example, a disgruntled employee that is about to be laid off).
There is no good way to protect yourself against such threats. People may be trained to be careful but there is always a chance that they will make a mistake. Employees may be treated well but there is always a chance that one will do something foolish out of spite. Even failure-protected hardware can fail – we’ve personally experienced a failure of two disks from a RAID 5 matrix at the same time. And in recent years, cybercrime has completely dominated the threat landscape with ransomware leading the flock.
Are you a potential target?
At the moment, ransomware is perceived as the biggest threat to the security of both businesses and individuals. While we often hear from the media about major cases such as the recent Colonial Pipeline attack, what escapes us is the fact that small and medium businesses are the most common targets – they’re just too small to make headlines. And it’s very rare to actually read a positive story about a business that came out of the ransomware attack without the need to pay and learn how they managed to do it.
Yes, you are a potential ransomware target. This is primarily because ransomware attacks don’t just come from big Russian hacker organisations. Anybody can attack you because ransomware is often available via the software-as-a-service model. This means that even a disgruntled ex-employee could access such a service, target you, and scramble all your data – all hiding behind a cryptocurrency-based anonymised system.
Local statistics also show that ransomware is a major problem for our islands. Based on data from 2020, 8% of Maltese internet users have been affected by ransomware between 2017 and 2020, compared to 1% in other EU states. This may be due to the fact that small and medium businesses, which are predominant on the islands, are an easy attack target when compared to large organisations due to having fewer security measures in place and smaller security teams.
How to protect your data?
There are many ways to try to avoid the impact of factors that may endanger your data. You can establish very strong security policies, you may double-check every action, you may use failure-proof hardware. However, while all these factors reduce the risk a little, they won’t help you recover. The only effective way of making sure that you can recover if your safety measures fail is to have a well-established backup plan.
However, ransomware authors know about backups. Ransomware software is specially designed to infiltrate the system, discover backup methods, and make its way into backups as well. The actual encryption event often happens with a delay, which means that even your last backup is very likely to contain and be restored together with malware. If so, your restored data is automatically encrypted again, making your backup plan utterly useless.
What and how to back up?
One of the most common mistakes that businesses make is backing up just key business data and leaving everything else unprotected, for example, operational data. In the case of an event that doesn’t just affect key business data but, for example, makes every computer in the company inaccessible, the lack of a complete backup means that you have to manually reinstall and reconfigure every single workstation, which makes recovery much longer and much more difficult.
To protect your data against all the threats, not just ransomware, your backups must be:
- Complete – you can’t just focus on key business data.
- Physically offsite – so you can avoid disasters that influence your live systems along with your backups. This includes natural disasters, accidents, power failures, etc.
- Efficiently firewalled – there must be no way for malicious software to automatically access your backup.
- Far-reaching – you need backups from several points in history so, in the event of a ransomware attack, you can find a backup that certainly contains no malware.
- Monitored – security experts should monitor your backups for any signs of ransomware.
- Well supported – in a critical situation, you need all the support you can get. Specialised third-party experts can help you bring your systems back online much faster and easier.
BMIT has your back with our backup solutions, which let you cover all of the above points. Our backup plans include managed backup for M365, backup for Office 365, backup for Azure and other cloud providers, backup for physical servers, backup for VMs, backup for workstations, and Veeam Cloud Connect. You can get full support with backup and recovery operations by taking advantage of our Backup-as-a-Service offering.
With our products and expertise, you can be sure that no matter whether it’s sea breams falling on your roof and causing a short circuit and fire, the interconnector failing during an important data saving operation, or someone demanding a ransom for decrypting your entire system, you can count on us to help you restore everything back to normal.