“The failure to understand and address risks related to technology, primarily the systemic cascading effects of cyber risks or the breakdown of critical information infrastructure, could have far-reaching consequences for national economies, economic sectors and global enterprises.” -The Global Risks Report 2016
Cheery stuff and just to really depress you; why not try to find your country on this map and see how at risk your business is to a cyberattack? Yay!
Fig 1. Ranking of predicted cyber attacks. The darker the colour, the higher the concern. Source: The Global Risks Report 2016
You’re still smiling aren’t you? Optimistic, I like that. Or maybe you work at an SMB or Mid-market company and you think no one would bother to hack little old you? This is what AT&T have to say: “Hackers will no longer target just large organizations as they can get equally valuable information in other places through analytics on the data they are collecting and combine data to make it more valuable. That means smaller organizations are more likely targets.”
No one is suggesting you down a bottle of cough syrup, whack on a Morrissey album and spend a night-in with this year’s Global Risks Report, but one or two of the nightmare scenarios are worth knowing about. The report links cyber security with information infrastructure or in other words, there are a lot of security breaches expected in 2016 and advanced backup and disaster recovery capabilities are going to be needed more than ever to mitigate their impact.
Here is a list of the top cyber security threats expected this year and what backup and disaster recovery capabilities you will need to combat them:
Ransomware
“The criminals behind the ransomware campaigns are savvy and once they realise that they’ve locked up source code and financial documents that haven’t been properly backed up, you can expect prices to skyrocket … and be paid.” – Michael Sutton, CISO at Security, Zscaler
Recovery tools you need:
- Multi-site replication –multiple image copies of backups cascaded to separate networks
- Encryption of backup images
- Encryption of backup data in transfer
- Recovery time in minutes not hours/days – virtual standby and BMR to dissimilar hardware in the case of building a new environment
- Recovery time in less than 1 second not minutes/hours/days – full system data and application failover (optional)
- Safely stored tape archives and/or cloud backup
Attacks That Change or Manipulate Data
“At the moment, most of the serious hacks have been theft, but what if someone gets in the system and starts manipulating and changing data, to the point where now as an operator, you no longer believe what you’re seeing in your system?” -Mike Rogers, Head of the NSA and US Cyber Command
Recovery tools you need:
- Recovery points – point in time backups which you can ‘rewind’ to, i.e. to restore your data and applications from before the first attack
- In-line deduplication – the more restore points you have the more data you store; a powerful deduplication technology is key to making possible more restore points
- Safely stored tape archives and/or cloud backup
Cost of cyber insurance
“We expect to see an increasing sophistication in the way the risks associated with a cyber breach are factored into policy cost, just as a driver’s safety record and driving habits are factored into the cost of an automotive policy.” – Carl Leonard, Principal Security Analyst, Websense
Recovery tools you need:
- A recovery solution capable of faster recovery times means lower cyber insurance premiums
- Multi-site replication to separate networks improves scope and speed of recovery, again lowering premiums
- Safely stored tape archives and/or cloud backup reduce the extent of lost data and lower cyber insurance premiums as well
Balkanized Internet, divided by countries
“Countries everywhere will take some measure to strategically block Internet access suspected of industrial or governmental cyberespionage and other online criminal activity.” – Sean Tierney, VP of Threat Intelligence, IID
Recovery tools you need:
- Adhere to local compliance by having full control over the location of your backup data and applications – multi-site replication
- Working with a cloud backup provider with data centers in the same geographic region
Social engineering
“Hackers who understand technical details of attack security, but also have the business acumen to communicate with CEOs and convince CIOs of their importance will make a significant impact on the role of security professionals.” -Dave Baker, CSO, Okta
Recovery tools you need:
- Role-based administration of your recovery solution – the highest privileges only for the most security savvy
- See Ransomware
Open source vulnerabilities
“We observed certificate issues related to older hashing schemes such as SHA-1, as well as problems related to the version of ciphers supported. If some of the “big names” on the Internet are struggling to keep up, how can smaller vendors cope?” – Carl Leonard, Principal Security Analyst, Websense
Recovery tools you need:
- Compatibility of your recovery solution with the latest versions and updates of your operating systems, hypervisors and applications – never be left waiting
- See Ransomware
The best remedy for a security breach is that it never happened at all, prevention is paramount but given the sophistication of the threats that companies face, a strategy for the immediate restore of all data and applications is essential. For backup and recovery software, appliance or cloud that can do everything in the above list of recovery capabilities, please take a look at Core Datacloud’s Arcserve UDP Service.
