Numerous unsuspecting organisations and government institutions such as Johannesburg’s City Power and the City of Joburg have unfortunately been hit by ransomware attacks in the past year. It is clear that ransomware attacks have become a significant concern and that attackers do not distinguish between government entities and commercial ones. Make no mistake - any business is susceptible as so many critical functions today depend on IT infrastructure. A multi-layered approach to security is critical to securing an organisation and can provide that elusive ‘peace of mind’ in the event of an attack.
The consequences of a breach
For any organisation being offline comes at a cost – revenue is lost in the case of enterprises and citizen trust in the case of governments. Moreover, a substantial amount of manpower is needed when recovering lost data, not to mention the cost of recovering devices and networks, which all add up. However, arguably even more detrimental is the loss of customer trust when these attacks occur.
As the saying goes, a bird in the hand is worth two in the bush and the cost of acquiring new customers is high when reputational damage is suffered. It therefore makes much better strategic business sense to work to keep existing customers. Online availability is essential to business functionality in today’s world, which makes it critical for retaining customers. This is not only an international problem, it is also a local one too.
Lightning can strike twice
According to the Sophos report The State of Endpoint Security Today, South African businesses are falling victim to repeated ransomware attacks, highlighting a serious vulnerability. More than half of the 200 respondents admitted to a ransomware attack in 2017 and many businesses indicated that they had been hit more than once. The survey revealed that the average cost of a ransomware attack was R1.7 million.
Attackers will often launch multiple formats of attack on the same business to ensure that at least one will be successful. The reality is that security alone is not enough, because the threat is always evolving and often vulnerabilities will be discovered by criminals before security organisations are aware of them. It has become a case of ‘when’ and not ‘if’ an attack will penetrate the organisation. Recovering quickly and with minimal downtime and expense is key to tackling ransomware attacks and minimising its impact on business.
Backups are useless, recovery is priceless
The traditional backup-centric approach to data protection is no longer viable. Organisations need to become recovery-centric in order to meet the evolving threat landscape and business requirements of the digital era. Backup and recovery infrastructure needs to support customer retention and enable a business to continue with as little disruption as possible when an incident occurs.
Many businesses have efficient backups but struggle to accelerate recovery time, which affects the Customer Experience (CX). If your service is down you are likely to lose customers to the competition. Businesses also need to balance cost and performance and ensure elasticity to enable instant scaling by implementing the right architecture, Capacity on Demand (COD) models and intelligent backup and recovery solutions. Furthermore, the backup infrastructure that for years has been considered ‘secondary’ is often not highly available (HA) as there was an assumption that recoveries can take long to complete. With the modern customer requirements of availability that is no longer the case, and lack of HA can extend recovery times by hours and sometimes days.
All about the infrastructure
Data is critical in a digital world to drive business value and a competitive edge, which makes it vulnerable to attack. It has become essential for organisations to plan and build infrastructure that enables their business to recover as quickly as possible, to better serve their customers. The right recovery tools are critical to meet increasingly stringent Recovery Time Objectives (RTOs) while maintaining costs and gaining the agility necessary for digital transformation. With this in place, organisations will be well placed to recover quickly from an attack, without the need to pay a hefty sum of money (ransom) in order to gain access to the organisations systems and information This is imperative to getting back to business as usual as quickly as possible, minimising costs and retaining customers.
The best defence to ransomware attacks is the ability to recover quickly to a clean copy of data that is unaffected by the malicious encryption software. Data storage providers therefore need to provide the best support possible, implementing intelligent solutions in order to assist these organisations in the fight against malicious cyberattacks.
Share