Alert on recent ransomware attacks
With ransomware attacks making headlines recently, including the local incident with Scripps and the potential national security threat with Colonial Oil, we’ve experienced a heightened level of concern amongst NFINIT customers. While we don’t have all of the specifics for either of these attacks, we’ve had many clients reach out inquiring on what strategy NFINIT is putting in place to protect itself and other organizations from similar threats.
The fact that we are witnessing successful attacks on organizations that are highly regulated, security-focused, and considered critical infrastructure, illustrates that every organization is vulnerable.
The reality is that nobody can 100% guarantee the avoidance of a cyberattack. They’re going to happen, and they’re going to happen to organizations large and small. The focus can’t be exclusively on preventing attacks, but preventing catastrophic outcomes. Ensuring recoverability of data, applications, and critical systems is the best way to hedge against a crippling attack.
I want to share with you how we’ve counseled customers who’ve reached out recently looking for long- and short-term strategies.
- Review or conduct a business impact analysis (BIA).. This starts with tabletop discussions with department leaders to identify and understand the criticality of various systems. Consider being locked out of email servers, scheduling applications, customer or patient records, payroll, customer or patient portals, accounts payable, ERP, e-commerce, and other systems and assess how that will impact the business
- Prevailing industry research says that on average, organizations take 21 days to fully restore systems and data after an attack. Assessing the criticality of systems and data is imperative. Building a strategy to test and ensure that you can recover them is essential. Confirm that there are routine processes in place to validate the ability and timeline to restore.
- The costs of proactive planning to minimize the negative effects of a ransomware attack are lower, by far, than the cost of falling victim to one. Even if you don’t end up paying ransom, there are potentially huge costs for teams of internal and external specialists working around the clock to bring your data and systems back online. There is the high potential of lost revenue, diminished trust and loyalty, compliance issues, inability to process payroll or to pay vendors, and so much more.
What measures can you put in place immediately?
Every CEO, COO, and CFO seeing these high profile companies and others in the news, is asking the same question, “are we protected?”.
One thing that we often find missing when working with customers on their existing disaster recovery strategies is an immutable, or air-gapped, copy of backup. Immutable storage is impervious to ransomware because malware can’t be altered when stored through this process.. If you don’t have this second copy, immutable storage tier, ransomware can infect your production and backup datasets, leaving you completely vulnerable.
The most cost-effective, immediate defense against a crippling ransomware attack is your clean, immutable backup, which can be quickly restored.
If you’d like our help, reach out to your account manager or email us at firstname.lastname@example.org.