“Enterprises need to have a heightened awareness of the many security vulnerabilities that exist today. Companies should set schedules, routinely update systems, and apply new patches as needed,” says Shridar Subramanian, Vice President of Product Management, StorageCraft, in an exclusive interview with ITSecurityWire.
ITSWBureau: Why are enterprises across industries failing to strengthen their cybersecurity infrastructure?
Shridar Subramanian: Today, there is a lack of investment in cybersecurity from some companies even though there are new cyber threats plaguing global corporations every day. With a growing amount of data, hackers have more opportunities to strike and companies need to respond with stronger cybersecurity strategies and plans.
As working from home offices or working at remote offices/branch offices (ROBO) is the new norm, IT teams have an even bigger challenge, managing and protecting critical business data across the enterprise. In addition to this challenge, many organizations do not have an effective backup and disaster recovery plan in the first place, so when they are hit with an attack, they have a difficult time recovering.
Ransomware technology continues to evolve and just when organizations seem to have a handle on how to address and/or prevent the most malicious tactics, hackers find additional ways to target data.
There are numerous reasons why ransomware can break through an organization’s data infrastructure and today, companies, both big and small, are vulnerable to attacks. Some of the most common causes for attacks include emails with malicious links and/or files, overall system security weaknesses, and remote desktop protocol vulnerabilities.
ITSWBureau: The surge of ransomware attacks has made it difficult for enterprises to effectively run their business operations. What steps can they take to mitigate their impact?
Shridar Subramanian: Ransomware has become a global issue as cybercriminals come up with new tactics and threats and grow their list of targets. With this in mind, organizations must make data backup a big priority. Backing up mission-critical data on a regular schedule is paramount. Data should also be kept in multiple places.
For example, if a business stores data in the cloud, they should keep an additional copy offline too. If backups are somewhere in a data center and on disks, IT should have an extra copy offsite as well. Data is always changing, so a regular backup schedule will allow organizations to restore the most up-to-date version.
Organizations should also:
Increase awareness among employees—preventing ransomware attacks altogether can save a business a lot of time and money. While ransomware is a unique type of attack, there are ways to recognize this malicious software. Companies should train employees on how to avoid malware and also understand the repercussions of a successful ransomware exploit.
Change administrative control settings—first, to compromise a specific system, ransomware villains need root privileges. By acting as the administrator, this variant can overwrite the master boot record and modify it with malicious code causing major issues and severe consequences that can devastate a business. However, enterprises can take more control by simply limiting administrative access in configuration settings.
ITSWBureau: What are the effective ways that enterprises can use to reduce their downtime?
Shridar Subramanian: Organizations should stop taking a reactive approach to ransomware and focus on ways they can be more proactive. This includes routinely testing backups to prevent them from falling during an emergency.
Backup copies should be tested, so companies can be confident that they can restore data quickly and effectively across the organization. This is important for cloud servers, NAS devices, thumb drives, and storage mediums that house valuable business data.
Between the rise of attack frequency and the increasing sophistication of malicious software, ransomware-specific disaster recovery plans and solutions will be critical for businesses in the year ahead.
ITSWBureau: How can enterprises use data to scale their business operations without exposing their enterprise infrastructure to security vulnerabilities?
Shridar Subramanian: Enterprises need to have a heightened awareness of the many security vulnerabilities that exist today. Companies should set schedules, routinely update systems, and apply new patches as needed. This is a simple step stop ransomware in its tracks, but surprisingly it can be overlooked.
Additionally, organizations should consider blocking attachments that look suspicious or are commonly associated with malware. This would stop employees from opening these files. Since this could also prevent access to legitimate files, a separate server can be designated, even in the cloud, to primarily store blocked file types.
ITSWBureau: What innovative trends do you expect in preventing ransomware attacks in the foreseeable future?
Shridar Subramanian: As ransomware threats grow and evolve, it will be necessary to have more advanced protection. Neutralizing ransomware starts at the top with senior leadership. With strategic support and leadership from business continuity managers and system administrators, organizations can define the most effective strategies for stopping ransomware.
One trend that can help prevent ransomware its sandboxing technology. An approach that shows promise, a sandbox is a virtual environment that cuts off and stops malware from manipulating network data.
While ransomware can still encrypt files in the isolated container, this creates an extra layer of protection and any files out of the sandbox remain secure. Additionally, today there are some behavioral-based security solutions that are helping enterprises trick ransomware into thinking it is trapped.