Reading, 15 September 2021 – Redstor and XTECH announce a strategic partnership to protect customers’ traditional infrastructure as well as cloud and SaaS data from a single app.Continue reading
Please give us a few moments whilst we get your account ready.
“Automated theft” you say? Hmm, so if the data theft is automated does that mean the data security can also be automated? The answer is “yes”, and “it better be.” Data theft is lucrative business and according to the data security analysis by Gemalto and findings for 2015 of the Breach Level Index (BLI), “malicious outsiders” are the number one cause (58% of all cases). Without automated data protection, the speed and variety at which data breaches occur is simply unmanageable.
We’re all aware of the elusive “cybercriminal”, the malicious outsider wearing the balaclava with mad computer hacking skills. Then there’s the malicious insider, better dressed but still causing 14% of data breaches. Well-meaning hacktivists cause 2% of data breaches. Interestingly enough, “accidental loss” is the second-most prevalent cause with 24%! Mind you, it’s debatable how many accidents are actually caused by negligence.
The BLI shows how 2015 was the year that data breaches “got personal”. Identity theft became the most prominent type of data breach in the world – 53% in fact – next to stealing credit card data and financial information.
Identity theft is a vast topic and has many sources and numerous methods cybercriminals use to accomplish: from the manual efforts of social engineering and phishing, to more elaborate automated schemes like ransomware and malware botnets.
We focus on botnets since the topic is seldom addressed but the threat is equally potent in causing downtime. To safeguard against such an extremely robust enemy, the data protection is three-fold.
This is achieved through securing your company network by doing even the simplest manual tasks, like increasing browser security settings, never opening attachments unless its source has been verified, and ensuring your operating system and software has the latest security updates installed.
Anti-malware providers make software available that is able to help counter a botnet attack. Specific anti-bot software installed on desktop computers use heuristics to recognise bots should they fail to be detected by the usual anti-virus software. For networks, more elaborate techniques are used like shutting down C&C servers, null routing DNS entries, or completely shutting down IRC servers.
The quintessential means of ensuring business can continue as usual after malware infections or data losses, is data backups. To be effective, these backups need to be scheduled to automatically run at regular intervals. And if your backups aren’t cloud-based, it is preferable that all data is mirrored to some form of off-site storage for redundancy. This will also help protect your data should the network be infected.
The recent ransomware attack on Kaseya, a cloud-based IT and security management provider services company that supplies tech-management tools to customers worldwide, has the potential to be the most serious cyber-criminal incident this year.Continue reading