Rick Vanover, Senior Director of Product Strategy, and Anthony Spiteri, Senior Global Technologist, of Veeam, tell us with the right preparation, governments can build resiliency against ransomware attacks to avoid data loss, financial loss and reputation damage.
Over the next 10 years, the Australian Government’s Cybersecurity Strategy 2020 will invest A$1.67 billion to achieve its vision of creating a more secure online world for Australians and their businesses. As part of a three-pronged approach, which will focus on the government, businesses and the community, the strategy will emphasize the role of both state and territory and local governments in protecting their systems from cyberattacks.
The increased government focus on cybersecurity is a sure sign that that as our personal and corporate information shifts towards the digital, so too do the threats towards it. So, while ditching the old legacy systems is a must, it must be done in the safest way possible, both for the Australian government and its citizens.
Educate your way to ransomware resilience
Education journey begins after the risks of the threat actors are identified. Remote Desktop Protocol (RDP) for remote access, phishing email and software updates are the three main mechanisms that can be used to enter a business system for ransomware. Knowing these can help government organizations to make strategic investments in building resiliency from an attack vector perspective.
Most IT administrators use RDP for their daily work, with many RDP servers being directly linked to the Internet. Hence Internet-connected RDP needs to stop. IT administrators can get creative on special IP addresses, redirecting RDP ports, complex passwords and more, however data insights reveal that over half of ransomware comes in via RDP. This tells us that exposing RDP servers to the Internet is not in alignment with a forward-thinking ransomware resiliency framework.
The other most frequent mode of entry is through phish mail, hence, deleting all suspicious emails should be the next logical step. Awareness training to identify phishing emails coupled with self-assessment tools can create an effective rapid response mechanism.
The education aspect must be taken seriously. Whether it is assessing the phish risk of an organization, removing the most frequent attack vectors or keeping systems and software up-to-date is effective in avoiding the increased risk of ransomware attacks.
Implement the best backup solution
When it comes to a ransomware incident, resiliency is completely based on how and which backup solution is implemented, the behavior of threat and the course of remediation. Implementing backups in an ultra-resilient storage type is one of the most critical defenses for ransomware resiliency. Beyond ransomware, backup solutions can bring other protection techniques for backup data resiliency such as mitigating insider threats and accidental deletion.
Remediate the attack
In addition to educating stakeholders and implementing techniques to build a resilient infrastructure, public sector organizations should safeguard plans to mitigate the impact of ransomware threats. In an event of ransomware attack, the following measures should be taken:
- Do not pay the ransom.
- The only option is to restore data.
Implementing stringent layers of resiliency and knowing what to do when a threat gets discovered is critical. Among the top priorities should be to onboard a team of security experts, identity management professionals and incident response authorities who can be contacted in a state of emergency. Additionally, having clear guidelines on the decision-making authority simplifies the recovery process after a disaster event has occurred. Finally, when the scenario is right to restore, implementing additional checks of safety before putting the system on the network again is important.
With the right preparation, governments can build resiliency against a ransomware incident to avoid data loss, financial loss, business reputation damage and more. As governments across the globe experience a tight economic outlook, delivering citizen services efficiently and effectively becomes a top priority. Data driven digitization can help overcome challenges and create new opportunities for citizen services. Hence, the protection and management of critical government and citizen data become ever more critical.
The key to successfully introducing new policies, regulations and governance is empowering government and public sector enterprises with data-driven decision making. Well managed and securely protected data can unlock the power to transform public sector services through simple, flexible and reliable backup and recovery.Click below to share this article