There is no question today that ransomware is one of the biggest concerns for organisations as they struggle to ward off cybercriminals that are remorselessly finding new ways to invade the concentric layers of their data infrastructures.
According to a survey conducted in January 2022 by Sophos, 65% of Singaporean organisations have been victimised by ransomware threats in 2021, which is a whopping 25% increase since 2020. Organisations struck by ransomware attacks struggle to handle their aftermath, such as the high costs of data recovery, not to mention the damage to corporate reputations.
Ransomware threats are constantly evolving and growing in sophistication as cybercriminals resort to various inventive ways to infiltrate the innermost walls of organisations’ data infrastructures.
When they successfully retrieve sensitive, high-value data, these actors pressure their victims to pay the ransom in exchange for the system being restored. Furthermore, if they attack the organisations’ backup software, victims can end up facing higher charges as a result.
Organisations in the Asia Pacific region have recognised the depth of the ransomware problem and are beginning to take a firm stance against ransomware attacks by adopting strategies and solutions to strengthen their data infrastructures.
With the right technology, security measures and sophisticated infrastructure in place, organisations would be better prepared, equipped, and have the capabilities to defend against incoming ransomware threats.
Taking a firm stance against ransomware
With the adoption of appropriate protective measures to strengthen data infrastructure, organisations must go beyond their mundane methods of storing and protecting data. Instead, they must recognise the evolving nature of their infrastructure and preserve its flexibility and agility.
Organisations must ensure proper data management by formulating a backup and recovery plan for critical data. They must also constantly review their data protection policies and conduct regular vulnerability testing to determine the state of their data infrastructure.
Adapting to changes and cultivating data management strategies is vital for organisations when fighting ransomware threats.
Strengthening the data infrastructure
Beyond ensuring proper data management, reviewing data protection policies and conducting regular vulnerability testing, there are a few core functions of an offence-first data infrastructure strategy which are crucial for implementation.
For instance, companies should establish a central management system which would enable them to define and enforce consistent security policies across a hybrid cloud environment. By doing so, they would be able to analyse their data and ensure there is sufficient enterprise data protection alongside protection tools.
Furthermore, a central management system allows for increased visibility over their data storage, and organisations will be able to monitor for suspicious activities that would potentially threaten the spread of ransomware within the storage system.
Organisations can also set up and orchestrate data replication processes. The objective should be to make the most efficient backup copy of their data, using the smallest footprint and keeping recovery time to the absolute minimum.
Typically, it requires consistent effort and a very robust toolset to detect, mitigate, and prevent ransomware. Therefore, performing backups using block-level snapshots helps to improve network resiliency significantly. The habit of data replication would provide an added layer of security around organisations’ data storage.
Keep data from threat actors
Having a smaller attack surface is also beneficial for organisations if they wish to minimise access and visibility of their critical data from threat actors.
A smaller attack surface would restrict ransomware threat actors from sneaking through security cracks and gaining access to the organisation’s data storage infrastructure. Organisations should also encrypt data for additional protection and carefully dispose of data that is no longer needed.
Finally, it is paramount for organisations to enable immutable storage to backup crucial data in storage systems. When their data is equipped with a timed lock, it is impossible to alter or delete the data. This forbids threat actors from gaining unauthorised access for malicious intents.
Ultimately, organisations need to recognise that with the constant evolution in data storage infrastructure, methods of data management are bound to change. Therefore, it is crucial to go beyond the typical habits of building larger walls of data security that require even stronger vigilance.
Instead, organisations should make data security a common topic of discussion during their board meetings and invest in the latest security solutions and services to safeguard their data infrastructure.
