Cyber expert on the new ransomware wave

Industry-related

“Too many people rely on traditional backup solutions to be a lifeline,” says Emanuel Lipschütz.

Yes, after a period of calm, ransomeware attacks have increased significantly again. Unfortunately, many companies are not properly prepared in case they are exposed. The right backup solution can be crucial to your company’s survival. Attacks can affect any business. From the big dragons to the small company with only 1 employee.

One driver of this wave is that ransomware tools are so readily available and can be hired as a service on the Dark Web. But there is another aspect that businesses themselves are more able to influence.

Emanuel Lipschütz, cybersecurity manager at Conscia, says that one of the root causes of ransomware attacks is that many organizations rely on traditional backup solutions to be a lifeline if they are attacked.

“Backups are the last line of defense,” he says. But traditional defense has not assumed that an actor is inside the systems.
– Existing backup solutions assume that a threat actor is not inside the firewall. But backups are one of the first systems ransomware actors target. They want to make it impossible to restore the systems. In addition, the backups contain sensitive data that they can use.
– If companies had their act together, we wouldn’t see as much ransomware as we do now. It would reduce the propensity to pay ransoms and make it less profitable.

Reading back data

Emanuel Lipschütz says that the way to protect against ransomware is to have backups of data that can be read back, but that this is not enough.
Firstly, reading back data after an extortion attack is often much more complex than a normal readback.
Secondly, the entire backup and readback solution needs to be secured in itself, he continues, precisely because the cybercriminals often go after the backups first.

– So even if backups exist, there is a high risk that they will turn out to be useless during attempts to restore the data. Even worse, if the data is compromised or if there is malware in the copies.

Third, the backup infrastructure may suffer from the same vulnerabilities as the rest of the infrastructure, using insecure open protocols such as network file system (nfs) and server message block (smb), he adds.

– Instead, companies should focus on having a complete cyber recovery solution, where the system is hardened and includes both data recovery and the ability to detect if and when unwanted encryption has occurred.

“Practice makes perfect when crisis strikes.”
And we at Savecore have that skill. With our solutions and the expertise of our staff, your business can feel safe and secure before the accident happens. We tailor the solution to your needs, making it as cost-effective as possible. Swedish storage under Swedish law also means that you can feel safe in your GDPR management.

Savecore takes care of your data so you can focus on what you are passionate about in your business. Contact us and we will help you!

Read the full article on ransomeware and what Emanuel Lipschütz has to say about it:
https://computersweden.idg.se/2.2683/1.778565/cyberexperten-om-nya-ransomware-vagen-backuperna-det-forsta-de-ger-sig-pa

Sophie Weidemyr
Social media and content manager

You might also like to read...

GitLab & Kubernetes Tutorial

Industry-related

Mattermost tutorial

Industry-related

Kubernetes as an operational service

Industry-related