Today, 1 October, marks the start of Cyber Security Awareness Month (CSAM), which for the past 18 years has raised awareness of the importance of cyber security, and educated individuals around the world on how to stay safe online.
CSAM is a global initiative that was formed by the US Department of Homeland Security and the National Cyber Security Alliance in 2004 to recognise the importance of digital security for people and businesses alike.
2021: The year of ransomware
This year’s theme is “Do your part. #BeCyberSmart,” which, according to cisa.gov, “encourages individuals and organisations to own their role in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity.”
One thing became clear this year, and that was that ransomware topped the list of threats for businesses across the board. Ransomeware has become one of the most prevalent attack methods for threat actors, from state-sponsored attacks to syndicates driven by large payouts.
In fact, 2021 saw many high-profile attacks littering the headlines: the Colonial Pipeline, Kaseya, Ireland’s Health Service Executive (HSE), and CNA Financial, to name but a few.
Preventing social engineering
Anna Collard, SVP of content and evangelist at KnowBe4 Africa, says CSAM comes at a time when cyber security awareness should be on everyone’s mind. “The risk of attack has soared. According to Atlas VPN, 45% of organisations globally were impacted by recurring cyber attacks, malware was up by 358%, and ransomware by 435%.”
She says social engineering remains the number one root cause used by ransomware and other malware attacks to gain initial access. “It has become absolutely critical to manage human risks effectively as it’s still the top attack vector used by cyber criminals. There are ways of mitigating the human risk factor and engaging with your employees on a deeper level.”
For Collard, effective cyber security training is key, including simulated phishing campaigns, which can be highly effective.
“Approach the training with sensitivity, ensure that your people are engaged, and that their concerns are recognised,” she advises.
“People look to what their leaders are doing, so get a video clip of your senior team leaders sharing why security is important, or undertaking a phishing training course, to show that they are as committed to this as anyone else. Add to this personal involvement by ensuring that you pull in all teams and silos. Work with marketing, internal comms teams, HR, and every other business department to create a comprehensive and holistic security culture.”
Traditional backups aren’t safe
Surya Varanasi, CTO at StorCentric, says due largely to COVID pandemic, wide scale layoffs, and record numbers of people being sent home practically overnight to work, learn, shop and live, the number of successful cyber attacks soared to previously unseen heights.
In fact, Varanasi says recent IDC research indicated that over the past year, more than one third of entities globally suffered a ransomware attack or breach that successfully blocked access to systems or data.
“Many experienced multiple ransomware events. With cyber crime projected to cost the world $10.5 trillion annually by 2025, […] taking the appropriate measures to ensure cyber safety and security must become priority number one.”
Varanasi says while having backups was thought to be a solution in the past, bad actors are aware of this, and have tweaked their tools of malfeasance accordingly. They can use ransomware to infiltrate the network and render all forms of traditional backup useless.
“What is required today, is an elevation in backup strategy from basic to unbreakable. In other words, for today’s ransomware threat what’s needed is to make backed up data immutable, thereby eliminating any way it can be deleted or corrupted.”
Recovery is everything
JG Heithcock, GM of Retrospect, says: “Backup is one thing, but recovery is everything. In other words, choose a backup solution that ensures the recovery piece (which surprisingly, not all of them do). Look for a provider with vast experience, as well as a track record for continuous innovation that ensures its offerings are prepared to meet prevailing conditions.”
Heithcock advises that any solution should provide broad platform and application support, and ensure protection of every part of the IT environment, on-site, remote, in the cloud and at the edge. It should also auto-verify the entire backup process, checking each file in its entirety to ensure the files match across all environments, to ensure recovery.
“Finally, at least one backup should be immutable and unable to be altered or changed in any way, at any time. Even if the ransomware took a ride along with your data to your backup site, during the last backup.”
Replace outdated VPNs
For Don Boxley, CEO and co-founder of DH2i, the solution is to replace outdated VPNs.
Although VPNs were once the data access and security solution of choice, recently they have proven to be less than effective.
“In fact, research conducted prior to the COVID-19 pandemic, revealed that of those already using VPNs, nearly two-thirds (62%) cited inadequate security as their number one VPN pain point. And a disturbing 40% of those responsible for keeping ransomware and other malware from penetrating their network, believed that in fact, it already had.”
Boxley says it’s time to fight fire-with-fire and deploy solutions that are as innovative and aggressive as the authors behind ransomware. “This is why so many are now turning to software defined perimeter (SDP) solutions to replace their outdated VPNs. With SDPs, users can construct lightweight, discreet, scalable and highly available ‘secure-by-app’ connections between on-premises, remote, edge and/or cloud environments.”
He says contrary to VPN design, SDP solutions were engineered specifically for the way we work, learn and live today, providing virtually impenetrable protection now and into the future.