PRE­VEN­TION IS BET­TER THAN CURE

HWM (Malaysia) - - FEATURE -

You might be wondering: How could you pos­si­bly stand a chance against ran­somware, when even huge multi­na­tional com­pa­nies are vul­ner­a­ble to their at­tacks?

Al­though due dili­gence and a lit­tle com­mon sense would go a long way in sit­u­a­tions such as this, it re­ally wouldn’t hurt to in­vest in an ad­di­tional safety net – re­gard­less of whether it’s a ba­sic an­tivirus so­lu­tion, or a com­pre­hen­sive backup and data pro­tec­tion suite.

In fact, some cy­ber­se­cu­rity com­pa­nies, such as Kasper­sky, have even taken the ini­tia­tive to de­velop a free stand­alone anti-ran­somware tool for busi­nesses to safe­guard their sys­tems. The Kasper­sky Anti-Ran­somware Tool for Busi­ness works by de­tect­ing sus­pi­cious ran­somware ac­tiv­i­ties, cre­at­ing a tem­po­rary backup of files that have been com­pro­mised, and rolling back any ma­li­cious changes that have been made, thus leav­ing them un­af­fected.

While we’re on the topic of back­ups, we re­cently had the op­por­tu­nity to speak to Ray­mond Goh, the Head of Sys­tems En­gi­neer­ing for Asia and Ja­pan at Veeam Soft­ware, to learn more about the in­creas­ingly alarm­ing ran­somware threat, and how backup and avail­abil­ity so­lu­tions are able to pre­vent them from wreak­ing havoc on com­puter sys­tems.

How is Veeam able to pro­tect busi­nesses and en­ter­prises from ran­somware?

If there’s one thing that has the at­ten­tion of the world in re­cent months, it is the threat of ran­somware. In the last few months, we have seen fre­quent head­lines on out­ages caused by ran­somware, and the re­al­ity is that it isn’t go­ing to stop any time soon. It will con­tinue to be a prob­lem for or­ga­ni­za­tions of all sizes.

At Veeam, we have taken ran­somware se­ri­ously for a while now. We’ve in­cor­po­rated fea­tures into our prod­ucts, as well as started rec­om­mend­ing tech­ni­cal prac­tices and de­signs to pro­vide re­siliency to re­cover from an out­age, should there be an in­ci­dent.

We took an ad­di­tional step and tried to quan­tify ran­somware in­ci­dents, and some of the in­for­ma­tion we gath­ered was shock­ing. If any­one thinks that ran­somware is just a PC prob­lem, it is not – it can be a dat­a­cen­ter prob­lem as well.

What makes Veeam dif­fer­ent com­pared to other end­point se­cu­rity so­lu­tions and anti-ran­somware soft­ware? Is one bet­ter or more ef­fec­tive than the other when it comes to pro­tect­ing de­vices from ran­somware?

First of all, the ran­somware in­ci­dents can take place on a va­ri­ety of plat­forms, in­clud­ing PCs, dat­a­cen­ter work­loads, and more. And un­for­tu­nately, there is no ‘one size fits all’ so­lu­tion. Here’s my ad­vice to all Chief In­for­ma­tion Of­fi­cers (CIOs) on how to build re­siliency against ran­somware: (a) De­sign with a ran­somware at­tack in mind, this will help the mit­i­ga­tion process. (b) Get your en­tire IT team on the task of think­ing about ran­somware, and the steps that need to be taken should there be an at­tack. (c) Have the nec­es­sary tools in place for

pre­ven­tion. (d) En­sure that the Avail­abil­ity strat­egy is there, in case a last line of de­fense is needed. Ev­ery ran­somware pre­ven­tion ex­pert or or­ga­ni­za­tion that has suc­cess­fully made it through a ran­somware at­tack will point to their backup sav­ing the day. (e) In­vest in ran­somware ed­u­ca­tion for

your users.

What should be the first course of ac­tion if a sys­tem was to get locked down by ran­somware? What should you do, and what should you re­frain from do­ing?

At Veeam, we be­lieve that a rock-solid data pro­tec­tion plan is the best form of pro­tec­tion against ran­somware.

If a sys­tem was to be af­fected by ran­somware, the only way to get out of that is backup and re­store. This is not just meant to negate ran­somware – it’s data pro­tec­tion hy­giene.

What you should re­frain from do­ing is suc­cumb­ing to the at­tack­ers and pay­ing the ran­som, as it won’t nec­es­sar­ily guar­an­tee the re­lease of your data. Fur­ther­more, know­ing that they’ve found some­one who’s willing to pay would in­crease the chances of them strik­ing again.

Are there any pre­emp­tive mea­sures that or­ga­ni­za­tions can take to pre­vent their data from be­ing held hostage by ran­somware?

Start us­ing the 3-2-1 backup rule, which rec­om­mends you to have three dif­fer­ent copies of your me­dia on two dif­fer­ent me­dia types, with one copy be­ing stored off­site. This is great be­cause it can ad­dress nearly any fail­ure sce­nario and doesn’t re­quire any spe­cific tech­nol­ogy to im­ple­ment.

In the ran­somware era, it’s a good idea to add an­other ‘1’ at the end of the rule, which is done by stor­ing a me­dia off­line.

It ap­pears that the re­cent bout of ran­somware at­tacks were specif­i­cally tar­geted at large in­ter­na­tional com­pa­nies such as Maersk, the Dan­ish ship­ping com­pany, and WPP, the Bri­tish ad­ver­tis­ing firm. Should the av­er­age con­sumer have any­thing to worry about?

As men­tioned above, data pro­tec­tion hy­giene is some­thing ev­ery or­ga­ni­za­tion, of any size should be think­ing about. As con­sumers, our dig­i­tal as­sets are at risk as well. The best way to fight ran­somware is to have good back­ups.

Newspapers in English

Newspapers from Malaysia

© PressReader. All rights reserved.