Backups as a cybersecurity strategy against ransomware, suggests Check Point Software
Editor’s brief: If you have ever managed a web property or a corporate network, you would understand downtime. Downtime is painful and frustrating, especially when customers, visitors and colleagues begin to chase you down on “why is the website/network down?” Prior to contemporary onslaughts of breaches and intrusions, downtime could simpy be about failed disk drives, blackouts or brownouts. However, with more sophisticated cybersecurity attacks such as ransomware, donwtime can be crippling, where data are encrypted and unavailable for use, and you become trapped with a threat actor threatening to release your confidential to the open, or you risking a colossal data breach where the threat actor may share your users and customers’ data on the dark web for a song, resulting in grave reputation lapses and even lawsuits. So, Check Point Software suggests that backups can be a good strategy against ransomware, and we tend to agree. Read more below.
SINGAPORE – Check Point® Software Technologies Ltd. (NASDAQ: CHKP) warns that the global surge in ransomware shows just how critical it is that organisations have a robust backup strategy in order to minimise the impact of an attack on their networks. The latest data from Check Point reveals a 57% increase in ransomware attacks over the last 6 months, with a 9% increase month on month since the advent of 2021. On average, a new organisation is hit by ransomware every 10 seconds.
The average cost of recovering from a ransomware attack was over US$84,000 in 2020, and the cost of remediation increases for every hour that business systems are unusable, so the ability to quickly restore data and systems is critical – which means having comprehensive and recent data backups is imperative. According to Check Point, without an effective backup strategy, organisations expose themselves to these key risks:
- Dissatisfied customers: if an organisation doesn’t have a backup of its data from which to resume normal operations, it could be at risk of upsetting, and ultimately losing, its customers.
- Non-compliance with GDPR: backup and disaster recovery are essential under GDPR. Failure to backup data regularly, and in accordance with the rules, could result in financial penalties.
- Economic damage: data recovery is tremendously complicated and a very expensive process that’s not even guaranteed to be fully successful.
- Disrupted services: if data and files are lost, an organisation may be forced to temporarily stop its activities, with all the knock-on effects that has such as lost sales and unavailability of services.
- Damaged reputation: unsuccessful data recovery may call into question the credibility of the company, as data would need to be re-collected. A reputation that took years to build, could be compromised in a very short period of time.
“Preventing ransomware attacks in the first place, using leading protection software, should always be the go-to option. However, as cybercriminals are continuing to evolve, there is still the risk of becoming another victim,” said Maya Horowitz, Director, Threat Intelligence and Research, at Check Point Software. “It is essential to back up data regularly — constantly, if possible, and throughout the entire organisation. Having your backups stored offline, or segregated from your main network, is also recommended to avoid it too being encrypted by ransomware. In an attack, a criminal gains power when they hold all your information hostage; you won’t be able to access your important files or systems until you pay the ransom. But if you have safe copies of all your old data, this threat can be pointless.”