The number of ransomware attacks on enterprises is growing by the day. After gaining access to a network, hackers inject malicious files and encrypt the data.
“The number of attacks directed at India’s government sector increased by almost 95 per cent in the second half of 2022,” Curtis Preston, Chief Technical Evangelist of Druva, an SaaS-based data resilience solutions company, said.
A reliable data backup and recovery strategy is a must for enterprises and organisations. But what if the backups are targeted? “Backups are copies of a company’s valuable digital assets and the final line of defence against ransomware. Implementing secure backup policies is crucial because it helps business continuity in the event of an attack,” Preston said.
Organisations must restrict access to backup data according to the needs and roles of employees. They must have visibility over who has access to the data and who is accessing it, he said.
Hackers know well that victims immediately fall back on backups to restore systems. So, the onus is on organisations to back up scientifically to insulate from hackers.
Encryption and exfiltration
Most on-premises backup servers are vulnerable to two kinds of ransomware attacks — encryption and exfiltration.
“Hackers attempt to encrypt the backups as well, because they contain the information required to reconstruct the machines after they were compromised by the ransomware attacks,” Preston observed.
“Remember that they (backups) are your last line of defence, and you must hold the line,” he cautioned
Besides the traditional ransomware attacks on backup servers, cyber fraudsters are also increasingly resorting to data exfiltration. They then attempt extortion, threatening to make sensitive data public in the dark web and elsewhere.
“The organisations are left with no choice but to pay the ransom and cross their fingers that the attackers keep their word,” he said
