If ransomware wasn’t already causing IT professionals loss of sleep at night, a new advisory recently issued, just might. The U.S. Dept of Treasury has issued an advisory that focuses on the sanction risks associated with the ransomware payments related to malicious cyber activities. This means that not only do IT professionals need to ensure their network is secure, but if their organization solely relies on cyber insurance to get back to business quickly, they’ll need to be sure their company and their insurer or financial institution negotiating on their behalf are not funding terrorists organizations. The question is, how do companies and negotiators know who they’re dealing with?They don’t really know.Companies and their negotiators are still at risk of being held responsible regardless if the parties knew or had reason to know.
Making payments emboldens cyber criminals and perpetuates this vicious cycle of attacks and payments. Did you know there is a ransomware-as-a-service (RAS) offering and a help desk somewhere in the dark web? When your company pays the ransom, it is funding these malicious operations. To protect your network, you pay top dollars to equip your data center with the latest in data protection. Next, you insure with the best cyber insurance policies available. All of this is good, but relying on cyber insurance to get back to business after a cyber event has become a national security issue. Enterprise organizations, whether private sector or government, need to step up their business continuity plans or they may risk violating OFAC regulations according to the U.S. Treasury Department. At the risk of sounding like a broken record (I’ve blogged about this before), organizations need to turn the page on this chapter. Start by:
- Being pro-active in your data protection strategy – protecting your network comes in layers.
- Securing with an offline “air-gapped” copy (supplemental insurance).
- Organizations need to “unlearn” relying on cyber insurance to get back to business quickly.
从上面实施点和两个将在很大程度上减少您必须支付赎金软件的机会，因为您将使用时间测试的策略准备，这将有助于您快速返回业务。例如，稳定备份策略将包括保持数据磁盘（热数据），磁带（脱机）和异地的副本，如云（异地）。简单地说，遵循备份规则3-2-1-1,which means: 3 copies of your data, 2 different media types, one offsite, and one offline. The third point is behavioral, and it starts at the top by re-setting policies to get back online.
将继续公司的赎金的体积rease rapidly unless victim behavior changes. All reports point to more aggressive cyber spying and targeted attacks with insidious methods that bypass behavioral algorithms used by cyber software companies. If criminals have the funds, they will find a way to penetrate your network and disable your online backups. Quantum has designed a solution to protect organizations against ransomware that enables faster recovery. This offers a true air-gapped勒索制造器protection with an offline, in-library vault for onsite backups. The benefits are:
- Archive, on-site, long-term vaulting, replaces external shelf storage
- Backup, short-term vault prior to sending offsite
- Removes the need of manual handling tapes
Let’s remember, a virus cannot bypass a physical barrier formed between your data and the network.It is and will continue to be the most cost-effective form of ransomware protection. As you evaluate ransomware data protection strategies, think about the losses associated with a successful attack to your organization: revenue, clients, reputation, and more. Increase your awareness. You could possibly be sponsoring foreign cyber-terrorism. A small investment can reap a great return.