The number of ransomware attacks on enterprises is growing by the day. After gaining access to a network, hackers inject malicious files and encrypt the data.
“The number of attacks directed at India’s government sector increased by almost 95 per cent in the second half of 2022,” Curtis Preston, Chief Technical Evangelist of Druva, an SaaS-based data resilience solutions company, said.
A reliable data backup and recovery strategy is a must for enterprises and organisations. But what if the backups are targeted? “Backups are copies of a company’s valuable digital assets and the final line of defence against ransomware. Implementing secure backup policies is crucial because it helps business continuity in the event of an attack,” Preston said.
Organisations must restrict access to backup data according to the needs and roles of employees. They must have visibility over who has access to the data and who is accessing it, he said.
Hackers know well that victims immediately fall back on backups to restore systems. So, the onus is on organisations to back up scientifically to insulate from hackers.
Encryption and exfiltration
Most on-premises backup servers are vulnerable to two kinds of ransomware attacks — encryption and exfiltration.
“Hackers attempt to encrypt the backups as well, because they contain the information required to reconstruct the machines after they were compromised by the ransomware attacks,” Preston observed.
“Remember that they (backups) are your last line of defence, and you must hold the line,” he cautioned
Besides the traditional ransomware attacks on backup servers, cyber fraudsters are also increasingly resorting to data exfiltration. They then attempt extortion, threatening to make sensitive data public in the dark web and elsewhere.
“The organisations are left with no choice but to pay the ransom and cross their fingers that the attackers keep their word,” he said
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.