The example shows: Not only companies with sensitive research, product development or financial data are on the radar of ransomware attackers. The example also shows what impact a forced switch to manual operation over a long period of time has on business processes. A well thought-out disaster recovery and backup strategy in the company is essential when it comes to maintaining business continuity within the shortest possible time, even in the event of damage.
The threat of cyber attacks is growing
Cyber attacks have not only existed since the beginning of the corona pandemic. However, the increased shift of processes to the digital since spring 2020 has noticeably exacerbated this development. According to the Global Security Report 2020 of the security provider Trustwave, retail is the sector most affected by cyber attacks. Attackers are constantly changing their attack tactics: while spam e-mails were the greatest threat in 2010, at 87 percent, the proportion fell to 28 percent in 2019. Phishing and social engineering, on the other hand, caused half of all data leaks. The time span between penetration and discovery is getting longer and longer. On average, it took 86 days in 2019, compared to 55 days in the previous year, until the incident was noticed.
Concern for the security of one’s own networks is justified. The security researchers at Check Point describe the numbers for the development of ransomware attacks in the past year as “terrifying”. In Germany alone – as of October 2020 – they have increased by 145 percent within three months. The example of Tegut clearly shows that the consequences are life-threatening. Disruption of operational processes, loss of sales, loss of sensitive data, loss of reputation and thus probably also loss of customers.
However, a targeted backup and replication strategy can help to restore operations within a very short time and thus prevent at least some of the negative effects. Blackmailers no longer have “leverage” for a ransom demand, as companies no longer depend on the data being disclosed (and this would not be guaranteed in any case, even if payment was made).
Backup software: simple and complex
In order to withstand the increasingly complex and sophisticated cyber attacks, antivirus software alone is not enough to protect internal company data and processes. Well-engineered backup & replication solutions are required that ideally support automated backup processes both in the on-site IT system and for data from cloud services. These functions should also be as easy to configure and use as possible and function reliably in everyday IT. A backup and recovery tool can restore accidentally or intentionally deleted data.
In order to protect against ransomware, however, additional features are required such as failover, i.e. the automatic switch to a replacement system, backup to the cloud, backup copies and restoration of virtualized environments. If malware has entered the system, comprehensive recovery functions should be able to take action in an automated and coordinated manner across multiple locations. Of course, it should be ensured that a consistent disaster recovery plan is in place.
The company’s backup strategy ensures security
Without a carefully planned approach, even the best software is of little value. The more conscientious the preparation, the more effective the corresponding measures are in an emergency. A backup solution must be easy to use, but it can remain affordable. In any case, it saves a lot of money in the event of damage. A strategy should always include the following five steps: