Ransomware is rarely out of the news these days. These attacks - and others like them - are perpetrated by hackers who infiltrate an organisation's IT infrastructure and hold its data hostage until a ransom is paid. Attacks often leave organisations helplessly locked out of their systems and the fallout of this sort of attack can be incredible, potentially causing a spiralling effect on businesses and ultimately, the general public.

These events should come as no surprise. Cybersecurity professionals have been sounding the alarm on nation-state and financially motivated attacks for well over a decade. With these types of attacks set to continue, organisations must ensure that they're prepared to defend themselves and their critical data. In today's world, companies of all sizes simply can't afford to overlook data security. The big question is: with these types of attacks set to continue, what steps must organisations take to adequately secure their digital infrastructures from ransomware?

The big challenge facing organisations is that there is no "tried and true" way to stop hackers from exfiltrating data once they've managed to gain access to a network. If the network has been infiltrated, the best defence is to put in place several 'security check points' or 'roadblocks' to slow the attack and provide time to shut down systems.

However, stopping the spread doesn't always mitigate damage. Attackers can lock corporations out of their own systems, make their data inaccessible, and demand ransom - costing companies lost revenue, loss of public trust, and lost time. With this in mind, organisations must take steps to prevent a breach - or at least to reduce the probability of a major shutdown and data exfiltration.

The first step is to establish a solid backup strategy that includes an offline copy. This ensures that access to data won't be compromised if a hack occurs. This can be achieved by looking at the backup strategy holistically across the entire environment and rigorously testing the recovery method. Tier data off to a cold data solution, whether on prem on in the cloud, as soon as it has fulfilled its value, and be prepared to take a multi-layer approach to protect and recover backups. The 3-2-1-1 rule has proven to be extremely effective: keep three copies of the data, using two different storage media types (object, flash, HDD, SSD, or tape), one offsite (physically separate from the building like at a disaster recovery site), and one offline (completely disconnected from the network).

FOCUS ON PREVENTION
Next, focus on prevention. By understanding your risk profile, identifying possible entry and exit points, reducing the attack surface and hardening systems as much as possible, organisations can significantly reduce the risk.

Businesses must also review their cyber-hygiene. Simple activities such as regularly scanning the infrastructure for vulnerabilities, quickly remediating the findings, and understanding the threat landscape to identify the biggest potential vulnerabilities can make a significant difference.

Finally, it's important that organisations invest not only in training personnel and preparing for an attack in their business continuity plans, but also that they test, test again, and conduct even more testing to ensure that the network is secure and can withstand an attack.

As the rising rate of ransomware attacks shows, it has never been more important for organisations to choose the right solution that can help secure their modern network infrastructures. An effective technology solution should provide data "immutability" to protect and recover critical assets in the case of a breach.

More info: www.quantum.com