CYBERATTACKS ARE INEVITABLE
Backup! Backup! Backup! This was the clear message from experts addressing resellers, municipal and business IT operators during the Dube iConnect Impact of Cybercrime and the Importance of Cybersecurity seminar held at Dube TradePort, Durban, on Thursday June 9.
Cybercrimes were a daily experience – globally every 11 seconds – and if “you have not yet experienced an attack it will inevitably happen.”
Brynn Gerson Dube TradePort Senior Manager, Dube iConnect said that the technologically “smarter” world, in which we already live, created a greater risk of being cyber-attacked. Therefore, being savvy about cyberattack modus operandi and security was paramount.
Dube iConnect is a fully licensed ICASA service provider offering its tenants and off-site clients high speed broadband, a secure cloud hosting environment; data centre options, including advanced virtualisation platforms, dedicated UPS and generator for the on-site data centre and communications environments and the ability to provide 24/7 support, ensuring 99% uptime.
Dube TradePort tenants can rent network and voice hardware equipment which included a managed voice and wireless service, co-location services in the Data Centre and Communications environments and back-up and Disaster Recovery Services.
Looking at the cyber-attack statistics Steve Johnson Manager Commercial, Dube iConnect, said almost all (94%) ransomware attacks attempted to infect backup repositories, 47% of data was encrypted in a ransomware attack, 32% of organisations who paid the ransom still could not recover their data, 86% engaged a third party for assistance, 92% of companies have a defined ransomware response team, and 52% of companies believe that a significant or complete overhaul is needed between backup and security teams.
Ian Engelbrecht, Veeam Technical Sales Manager Africa, said a company’s data was its life blood and as the volume and data moving online increased, so has cybercrime.
“Almost all (94%) ransomware attacks attempted to infect backup repositories, 47% of data was encrypted in a ransomware attack, 32% of organisations who paid the ransom still could not recover their data, 86% engaged a third party for assistance, 92% of companies have a defined ransomware response team, and 52% of companies believe that a significant or complete overhaul is needed between backup and security teams.”
Steve Johnson Manager Commercial, Dube iConnect
A cyberattack usually starts with a phishing email or socially engineered phone call. Information gathered is used to access systems and do damage. Attackers’ modus operandi includes data encryption to hold companies to ransom, data deletion, exportation, or theft of IP with a threat to release data publicly and device locking or denial of service.
“Veeam follows the National Institute of Standards and Technology (NIST) which is a globally adopted framework with three functions – identify, protect, detect- once a threat is identified we then respond and recover”, said Engelbrecht
Unpacking this he said critical data should be identified, along with where it is located. Then strategies to protect this data should be in place. Veeam has added an additional two levels to the standard 3-2-1 (three copies of which two are on different storage media and one is held offsite) protection. These are data being immutable (locked and unchangeable copy) and zero errors across all copies of data, (3-2-1-1-0).
Once the data is protected, measures need to be implemented to detect potential ransomware or cyber threats. Monitoring and analytics will help identify potential ransomware or event or anomalies in the data. Responding to an anomaly includes having an orchestration plan in place and a recovery plan to action. Quick recovery is a business imperative. “Our protection strategy enables entities to instantly recover without copying data from one place to another” said Englebrecht.
Speaking from a government auditing perspective, Siya Makhubu Chief Executive of IT company OLIX, who has extensive public sector experience, expressed that it was vital for IT departments to educate their oversight bodies, be it Council within municipalities or Boards both within public and private entities, to get them involved in understanding the IT risks and their mitigation processes.
“The King Report has a principle that states that the oversight body is responsible for directing and overseeing ICT.
“But if the engagement model is not structured in a way that enables these bodies to do this, IT departments will consistently be small, underfunded and understaffed departments worrying about laptop functionality and passwords. They will not become an enabler of business, ensuring that the security of business data is what it should be. Most of the time security of data is done as a tick box exercise,” he said.
“An organization should have a security charter which allows you to think of the different oversight bodies that should be involved. It enables you to ensure that you have the right audience – council or board – and that they are aware of the risks and are there to support you before the auditors come.”
A major risk for government entities are their legacy systems. These outdated systems are often no longer supported and cannot be updated or changed. These risks need to be incorporated into the risk assessment and managed effectively.
As entities move to the cloud so auditors are focusing on the use of cloud and whether they have all the elements covered.
Maryann Govender Marketing Executive, Honeycomb Solution Architects (HSA), a KwaZulu-Natal black women-owned company, said research showed that more than half of businesses are unprotected when it comes to backing up their Office 365 data. This, despite an improvement in companies using third party back-up products or services.
As a Dube iConnect reseller HSA uses Veeam Cloud Connect solutions which makes it easy to access Backup as a Service (BaaS) or Disaster Recovery as a Service (DRaaS) provider without the cost and complexity of managing a second infrastructure.
It’s as easy as selecting a service provider from our global network of partners and pointing backup or replication jobs to the cloud with a few simple clicks. Data is fully encrypted at every step, backups are as safe and confidential as they would be in a dedicated off-site repository, so that data of all types is completely protected and easy to recover.