Wondering how to Stay Ahead of Cybersecurity Threats?
As this year’s Cyber Security Awareness Month draws to a close, we took the opportunity to catch up with Tim Rae, Senior Sales Engineer NSW at Veeam. Veeam provides modern data protection, backup, and recovery solutions for all cloud virtual and physical workloads in a single, industry-leading platform.
We spoke to Tim about the current cyber threat landscape and asked what organisations should be doing to protect themselves against today’s cyber threats.
A Rapidly Changing Environment
The huge digital shift of the past 18 months has meant our dependence on the internet has grown across the board. The subsequent increased size of the cyber-attack surface has exposed more vulnerabilities for cyber-criminals to exploit, reflected by the 15% increase in cyber-crime reports, according to this year’s Annual Cyber Threat Report 2020-21 by the ACSC. The report also found that government agencies at all levels, large organisations, critical infrastructure providers, small to medium enterprises, families and individuals were all targeted.
Although many organisations may have a more mature cyber security posture now than they perhaps did 18 months ago, are the nature and targets of cyber-attacks changing?
“Ransomware certainly remains the biggest external threat, and we see more sophisticated tactics and greater planning. Threat actors will infiltrate a network to find vulnerabilities and observe user behaviour, such as regular operating hours. This means a ransomware attack might be timed to occur outside of office hours, therefore taking longer to detect and mitigate.”
“The attacks are causing greater damage to customers and services. Not only is it the disruption to services and financial losses that firms need to be thinking about – for larger organisations, the downtime can also significantly harm brand reputation.”
Everyone is a Target
This year, there have been some notable targeting of high-profile organisations, critical infrastructure and the not-for-profit sector. Channel 9 fell victim to a ransomware attack that infiltrated their company network, compromising their systems and applications. This interruption of their core business processes disrupted broadcasting from their Sydney studios.
One of Melbourne’s largest metropolitan public health services, Eastern Health, was hit by a ransomware attack that left staff unable to access patient records across four hospitals and caused delays to elective services. And Stonnington Council was forced to shut down online services, including its ePlanning portal and payments systems after a cyber attack.
Ransomware made up 13% of attacks last year, reported at a rate of 500 ransomware reports each month to the ACSC. The rise of cybercrime services on the dark web, such as ransomware-as-a-service (RaaS), has likely contributed to these numbers by enabling malicious actors to launch attacks without significant technical expertise and financial investment.
Offence is the Best Defence
“A ransomware attack aims to maximise damage to the victim’s data so that they will pay the ransom. So, the best defence is a combination of prevention and mitigation, as laid out in the ASCS’s Essential 8.”
“Make sure systems are always up-to-date and patches installed. We also recommend application hardening, to ensure applications cannot be compromised and implementing multi-factor authentication.”
Even with the most robust preventative cybersecurity measures in place, such as AI-powered threat prevention and detection, zero trust protocols and data protection, organisations must also be prepared to mitigate risk, should their cyber defences be breached.
Staying Ahead is Crucial
So, what can they do to stay one step ahead of cybercriminals to keep their data and systems safe?
“The best defence is to have multiple backups stored in different locations. A backup strategy should take into consideration your core recovery point objectives, such as how much data loss can you afford to lose in the event of a security breach or disaster?”
“From a data perspective, we recommend multiple copies stored in different locations following a 3-2-1 rule. That means 3 copies, in 2 different mediums, with 1 copy stored off-site. The offsite copy should be air-gapped and immutable to ensure it can never be encrypted by ransomware”
“For mission critical operations, implementing data replication and virtualisation in addition to backups will prevent data loss and downtime with instant recovery.”
The Final Piece of the Puzzle
“And finally, probably one of the most often overlooked cyber hardening measures after technology and processes, is user awareness. Effectively training your employees how to be safe online and what to look out for is an essential component of a robust cybersecurity strategy.”
Implementing the right data protection, backup and recovery tools in combination with robust cybersecurity protocols and staff training, is the best strategy to keep your organisation’s data safe.
As a Veeam ProPartner since 2011, Qirx offers a range of innovative IT solutions that place cybersecurity front and centre. Using world-leading technology, our skilled consultants apply a holistic approach to develop tailored solutions for clients across the education, government and commercial sectors. We’re experts at implementing security measures that complement and protect your business environment.