Since entering the scene ten years ago, ransomware continues to evolve and dominate headlines. According to the 2023 OpenText Cybersecurity Report, the average ransomware payment hit an all-time high of $408, 643 in the last quarter of 2022 and a median of $185,972. This median indicates that ransomware attackers are increasingly targeting small and medium-sized businesses because they can launch more low-profile attacks with less risk.
What’s even more concerning for the threat landscape, is that Windows and Linux based systems are both being targeted, and malware variants can now encrypt files at record speeds. Even with different operating systems, hardware configurations and files, LockBit can encrypt 53.85 GB of data in as little as four minutes and nine seconds. This leaves IT teams very little time to react from the infiltration of the system to the attack. Unfortunately, with rising costs many of these businesses have been forced to cut their cybersecurity programs. Leaving them vulnerable and unequipped to deal with an attack.
Although this seems to be the perfect storm, there are precautions businesses can take to thwart ransomware attacks. The best way that businesses can strengthen cyber resilience is to adopt a multi-layered approach. This enables businesses to tactfully protect themselves from as many attack strategies as possible. At the bare minimum, businesses should:
- Keep programs and systems up to date with the latest patches and versions. Failing to do this often leaves known vulnerabilities on systems –which is an easy access point for threat actors to infiltrate the network.
- Educate employees on how to recognize phishing attacks and scams. Even with the strongest defenses, threats and malicious insiders can find a way into a network. Through continuous education, employees can help ward off social engineering attempts and threats by reporting suspicious emails.
- Protect devices and data throughout the organization. At the bare minimum, protect devices with antivirus and endpoint protection capabilities to prevent attacks and preserve business-critical data with a backup and recovery solution.
Backup and recovery: An essential component of cyber resilience
The best way to protect your business – and your data – is with multilayered approach. This should include elements of protecting your network from a variety of attacks, detecting attacks quickly and mitigating risks easily, and recovering any data loss quickly so that you can resume business.
Moving forward in 2023, to be cyber resilient businesses need to revisit these backup best practices to protect their organization and their data. At a minimum, businesses should:
- Backup critical data from all devices. Data in the organization is everywhere – including employee laptops and PCs. If they are working on a project, employees often save documents and files on their endpoint device. To ensure that important files do not get lost, backup every device throughout the organization – regardless if it is deemed business-critical or not.
- Test backup sets often to gain assurance that all your business-critical data can be restored quickly and easily. By testing backups on a regular cadence, it can be easier to identify if there are critical servers or data sets that are missing from your plan.
- Review or create cyber resilience plan to ensure that you have all the necessary precautions in place to help prevent threats from happening in the first place. In addition to developing and reviewing a plan, it is important to stay up to date with the latest threats in the industry. Doing this can help you identify and address any potential holes in the network.
- Consider consolidating where you can. Juggling multiple vendors, products, and services can be time consuming and costly. Through consolidation, you gain expertise with the tools and solutions that are used – allowing you to use all the features and functionalities within a solution. Should a problem arise, dealing with fewer vendors can save you time.
OpenText Cybersecurity: Your partner in cyber resilience
At OpenText Cybersecurity, we bring together best-in-class solutions to help your business be cyber resilient. Together our solutions can prevent and protect against threats from happening in the first place, minimize the impact by quickly detecting and responding, recover data seamlessly to help you reduce the impact, and adapt and comply with changing regulations. In our growing portfolio, we have numerous solutions to help you strengthen your defenses and protect your business – and data – from persistent threats. To learn how to strengthen your defenses, schedule a call with one of our experts.
To learn more about emerging threats and how the threat landscape is evolving download a copy of the report here.