Does your business keep sufficient backups?
With the ever-increasing risk of cybercrime across the world, and the global pandemic forcing people to work remotely, more and more businesses are leaving themselves open to cyber attacks. Unfortunately, since the outset of COVID-19, LoughTec has seen an increase in the number of brute force cyber attacks on businesses.
Ransomware attacks are on the rise and they’re estimated to cost companies across the globe £15 billion by 2021. That equates to claiming a victim every ten seconds. In the hacker’s eyes, it is the perfect crime – payments are untraceable. Companies that pay ransoms are also helping to fund further crime and have no guarantee that they will get their data back.
If you do not use a secure solution for remote working, you are more vulnerable. One port or remote access application left open could result in a network being compromised. Even if you have anti-virus software installed on your system, your system can still be infiltrated. Anti-virus on its own is no longer enough to stop attackers. You need a layered security approach to your IT systems.
What if you do get hacked – do you have data backups in place that will lessen the damage?
The most common backup scenario is usually to have a backup location via a network-attached storage (NAS) drive. This drive is usually stored onsite on the company network for better data recovery speed.
Unfortunately, a hacker can infiltrate your system following an end-user clicking on a suspicious link. This then deploys a ransomware script on the PC which looks for all mapped drives and encrypts the data, along with all other files and folders on the NAS backup device.
The company then has a few options:
- Pay the sizeable ransom the hacker has requested to decrypt the data – this in itself does not always guarantee the hacker will decrypt the data. In some instances, the hacker will allow you to recover some data, but not all of it. They will then request further payment. The hacker will usually request payment in Bitcoin and can run into the tens of thousands of pounds. (1 Bitcoin currently valued at £14.5k)
- Restore the data from an old server, which may be very out of date.
The sad reality is the company will lose years worth of data in an instant. Having adequate backups would have mitigated the risk of losing data.
Companies must have at least two backup targets in place in case the worst does happen. Organisations should ask themselves; what is their data worth to them? Could they do without it, and if so, for how long?
- External hard drives
External hard drives are a cost-effective solution that can be a lifesaver if you are a cyberattack victim. It is important to check your hardware regularly – is it working properly? Are all your files being backed up successfully? N.B. If you are busy, it can be difficult to remember to swap the USB drives. With the amount of staff working from home are the USB backup drives being changed daily in the office?
- Network-attached storage (NAS)
These work best when stored offsite, away from the company premises. For example, if there was a fire at your business premises and your NAS was destroyed, would your company have another backup to continue to operate effectively? N.B. If a hacker gains access to a network, the first thing they will look to encrypt will be the backup system. In this case, if the NAS was onsite running from the company network, the hacker could attack the NAS with ease.
- Cloud backup
Having a cloud backup is excellent business practice. This is the best backup target – with it being stored offsite in the cloud, hackers cannot gain access to this. Backups can run without any intervention from staff needing to change USB drives or worry about the NAS device getting encrypted. If the worse does happen, you can restore your files quickly and continue to operate without fear of any of your files being missing.
Are you worried about the cybersecurity of your business? Talk to LoughTec today – our team of experienced IT specialists can carry out an in-depth assessment of your business, to highlight potential weak spots in your IT infrastructure. We can work with you to develop a strategy to mitigate any risks.
Contact us today to arrange your assessment on +44 (0)28 82 25 2445 or email email@example.com.