The ransomware attack that had a catastrophic impact on the Republic of Ireland’s health service this week is a stark reminder of how vulnerable all organisations are to cyber-criminals.
Every aspect of patient care was said to have been affected after an HSE employee, whose computer had stopped working, was duped into clicking on a malicious link.
In the chaos that followed, health workers were forced to revert to using paper records and the number of appointments in some areas of the system dropped by 80%.
Wizard Spider, the Russian-based gang behind the attack are now threatening to share and sell information, including personal data relating to patients, on the darknet if a ransom is not paid.
Although the HSE received a decryption key to unlock their systems, it is thought the restoration of these systems could still take weeks due to the key being ‘buggy’, HSE having out-of-date computer systems and an archaic network still using Windows 7, which is no longer supported by Microsoft.
During the first quarter of this year alone, the cybersecurity firm Proofpoint observed seven million malicious messages sent through Microsoft Office 365 and 45m from Google’s infrastructure.
Malware is here to stay and leading researcher, Cybersecurity Ventures, predicts by 2021 an organisation will fall victim every 11 seconds – with Gartner reporting that the average cost of downtime is more than £4,300 per minute. So, it’s not a case of if there’s an attack, but when.
If a backup is on the same network as live data and a ransomware infection takes hold, all data on the network, including backups is susceptible.
However, an offsite backup that has been encrypted at source is protected because it is held separately from the network where live data sits, meaning that ransomware cannot propagate to it.
Now, more than ever, companies need to:
- Ensure data is always available – wherever users are, they all want access to their critical files 24/7, even in the event of SaaS or IaaS outage.
- Safeguard cloud-based data – The adoption of SaaS apps and growth of cloud data has been massive, but it would be wrong to think back-up tools are built in. Typically, the SaaS or IaaS vendor is responsible for availability, but it remains the data owner’s responsibility to ensure data can always be recovered.
- Guarantee recovery from ransomware – Many on-prem backups aren’t safe from ransomware. To guarantee recovery, organisations need an isolated backup, held separately from the primary network.
- Eliminate downtime: With the right cloud-data management platform, you can stream backup, archive and DR data. When you are able to access priority data, without having to wait for whole systems to recover, a major issue, such as a ransomware attack, should not stop users resuming work immediately.
As a national partner of the Business Resilience International Management (BRIM), the government and police-backed initiative, set up to reduce the impact of cyber crime on organisations in the UK, Redstor can help.
As well as delivering accelerated recovery of backed up data, Redstor aligns with Cabinet Office and National Cyber Security Centre (NCSC) guidance, with a solution that backs up and archives data securely and directly to the cloud.
Get in contact now and see how we can mitigate the risk of ransomware with isolated offsite protection – without the need for on-prem hardware that can be compromised, leaving organisations paralysed.