The US government wants to convince nation states to stop paying ransoms for ransomware. The aim is to drain the cybercriminals' business model.
In addition, states that indirectly support ransomware should be isolated internationally and the associated infrastructure dismantled. This could be the hoped-for starting point for a global ban on ransomware payments.
Legal risks
In an emergency, companies often fall back on this last resort to buy back their hijacked data and systems. Taking this emergency exit is becoming increasingly risky. Companies will soon have to expect that ransomware will bring legal risks in addition to downtime costs. They should therefore shift their defense strategy from perimeter protection to cyber resilience. This is the ability to maintain the most important business processes even during a successful attack and to analyze the attack in parallel. The following tips help:
- Modern data security and management solutions regularly back up all production data in immutable snapshots. These map the life cycle of live data and show its state from yesterday, last week, last month or even last year. This allows systems and data to be restored to a clean state.
- To do this, companies should place a data-centric focus on cyber resilience. They need to ensure that their data is brought together from the different server and storage environments. Unified governance, detection, response, and recovery capabilities ensure a high level of resiliency.
- Companies need to know exactly what this means: which IT processes and data are most important and how they are related. To do this, the systems must be prioritized in resilience categories. The highest category includes the most important data, systems and processes whose loss or failure would cause the greatest economic damage. These should be monitored particularly closely and designed for a high level of reliability, for example through short backup intervals and highly secure storage.
- Modern solutions for data management and security monitor these systems and their current status using AI. Trend analyses show how the data volume behaves and whether there are deviations from normal processes. If there are, those responsible are immediately alerted so they can examine indicators of possible attacks.
- With the help of forensic analysis, companies can detect artifacts from cyberattacks and track the path of the attackers. To do this, they analyze the snapshot files for configuration changes, new fake accounts or malware fragments. Based on the insights gained, they can remove all traces of the malware and close their vulnerabilities to avoid further attacks.
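The trend analysis and snapshot comparison described in the last two tips, as an added example that is not part of the original article or any vendor's product code: it flags a backup whose change rate departs from the baseline of earlier backups, then diffs it against the last clean snapshot. The snapshot structure, file paths, account names and thresholds are constructed assumptions for illustration.

```python
import statistics

def make_snapshot(day, changed, accounts, config="v1"):
    """Build a constructed snapshot: path -> content marker, plus account names."""
    files = {f"/data/doc{i}": f"d{day}" if i < changed else "base" for i in range(100)}
    files["/etc/ssh/sshd_config"] = config
    return {"day": day, "files": files, "accounts": set(accounts)}

# Constructed sample data: four normal days, then a mass change with a new account.
SNAPSHOTS = [
    make_snapshot(1, 3, ["alice", "bob"]),
    make_snapshot(2, 4, ["alice", "bob"]),
    make_snapshot(3, 2, ["alice", "bob"]),
    make_snapshot(4, 3, ["alice", "bob"]),
    make_snapshot(5, 90, ["alice", "bob", "svc_backup2"], config="v2"),
]

def change_ratio(prev, cur):
    """Return (fraction of paths that differ, sorted list of those paths)."""
    paths = set(prev["files"]) | set(cur["files"])
    changed = [p for p in paths if prev["files"].get(p) != cur["files"].get(p)]
    return len(changed) / len(paths), sorted(changed)

def find_anomalies(snapshots, floor=0.05):
    """Return days whose change ratio exceeds the baseline of earlier days."""
    ratios, flagged = [], []
    for prev, cur in zip(snapshots, snapshots[1:]):
        ratio, _ = change_ratio(prev, cur)
        if len(ratios) >= 2:
            limit = statistics.mean(ratios) + max(3 * statistics.stdev(ratios), floor)
            if ratio > limit:
                flagged.append(cur["day"])
                continue  # keep the anomalous value out of the baseline
        ratios.append(ratio)
    return flagged

def forensic_diff(clean, suspect, watch_prefix="/etc/"):
    """List accounts and watched config files that differ from the clean snapshot."""
    _, changed = change_ratio(clean, suspect)
    return {
        "new_accounts": sorted(suspect["accounts"] - clean["accounts"]),
        "config_changes": [p for p in changed if p.startswith(watch_prefix)],
    }

if __name__ == "__main__":
    print("anomalous days:", find_anomalies(SNAPSHOTS))
    print("diff vs. last clean:", forensic_diff(SNAPSHOTS[3], SNAPSHOTS[4]))
```

The day before the first flagged snapshot is the natural candidate for the clean restore point, and the diff output is the starting list for what to remove or close before restoring.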
About Cohesity
Cohesity greatly simplifies data management. The solution makes it easier to secure, manage and create value from data across the data center, edge and cloud. We offer a full suite of services consolidated on a multi-cloud data platform: data backup and recovery, disaster recovery, file and object services, development/testing, and data compliance, security and analytics. This reduces complexity and avoids mass data fragmentation. Cohesity can be provided as a service, as a self-managed solution, and through Cohesity partners.