Thanks to the increasing bursting digitalisation, global attention is turning to cybersecurity and defence against unwanted cyber-attacks.
From SMEs to large corporations, via government organisations and individuals, the winning ally in this context is undoubtedly Backup. Just to raise awareness and make people understand the importance of this simple act, World Backup Day is celebrated every year on March 31, and the Australian Cyber Security Centre (ACSC) has urged all Australians to back up their important files.
The acts of saving and transcribing files are therefore indispensable not only in case you lose your device but also when you are the target of malicious events, even and especially intentional ones, as ransomware is. Such virus is increasingly prevalent, and the expanding trend is also demonstrated by the data contained in Verizon’s latest Data Breach Investigations Report (DBIR 2022).
According to the report, attacks of this type have spread significantly with an increase of 13% in just one year – a greater growth than in the past five years combined. The report also revealed details into the access points: 40% of ransomware incidents involve the use of desktop sharing software, while 35% are email-related. This is followed by web applications (15%) and direct installation (8%).
In case of a breach, most organisations tend to pay the ransom for the quick resolution of the situation and to regain possession of the lost data. However, considering the criminal nature of those who commit these operations, the outcome is not always the desired one. The ultimate goal is, in fact, the sole generation of profits: according to Verizon’s DBIR out of 300 simulated incidents, the median profit stands at $178,465, with peaks reaching $3,572,11 (USD).
Companies, however, are not completely helpless when facing ransomware: a key element in avoiding economic damage and ensuring their business continuity is backup, preferably done offline and on a regular basis.
As well as data backup, other simple measures to prevent fall out from attacks include:
- Use antivirus to remove bots
- Adopt patching policies, filters and asset management to prevent vulnerabilities
- Standarise two-factor authentication and password management to help minimise credential exposure
- Set up filters for e-mail and web browsing
- Ensure training is regular and aimed at informing employees about the threats that lurk in some electronic communications
