Wednesday morning. Vince*, the CEO of an e-commerce business, discovers that his computer network is down. Passwords have been changed, emails deleted, and databases wiped out; no question about it, the company is the victim of a cyberattack. Despite substantial damage, Vince doesn’t panic. He knows that he can rebuild his servers thanks to his backups and that he will be able to process the 5,000 orders he receives daily. Unfortunately, the CEO is wrong. The hackers have also encrypted the valuable backups, rendering them useless. It is at that moment that the fraudsters inform Vince that he will have to pay a ransom of 1.2 million dollars if he wants to recover all his data and resume his operations.
This disaster scenario, many business leaders have experienced it in recent years. Indeed, according to a Statistics Canada study, nearly one in five companies was a victim of cybercrime in 2019. unfortunately, nearly 60% of businesses that fell victim to a cyberattack were forced to close their doors after six months.
What’s more, the situation is likely to worsen in the near future. The pandemic and related lockdowns have forced companies to reorient their business activities online, giving Web criminals more opportunities to exploit the flaws in their IT security plans.
The mirage of Backups
Like Vince, many business owners believe they are immune to security breaches because they make regular backups. In reality, whether your backups are stored on local hard drives, on a cloud service or on external media located offsite, this does not guarantee security.
“If you or your IT administrator are able to access your backups, and thereby compromise them, then so can a hacker,” indicates Yann Claudio, Vice President of My Technician. Hackers entrench themselves into a company’s computer network for an average of six months, adds Mr. Claudio. Undetectable, the digital mobsters take advantage of this period to steal sensitive data and encrypt access to servers and backups.
It is also because of this prolonged surveillance that hackers are able to recognize and thwart backup rotation routines. “There is a misconception that rotating backups is a secure practice. It isn’t. After 180 days of monitoring your practices, an ill-intentioned individual will have managed to encrypt all your backups and it is no longer you who has the key to decipher them. That’s when he’ll also encrypt your servers and demand a ransom,” adds Claudio.
When a cyberattack occurs at a company whose computer backup policy is flawed, the company often has to resort to using backups that are many months old. The information contained within may be outdated, no longer relevant or simply unusable. But these backups have to have been made in the first place!
This becomes a real headache when the administrator attempts to extract viable data from each available backup and combine it together to rebuild the network.
The consequences are disastrous. The fraud on Vince’s network resulted in a costly shutdown of his operations and significant revenue losses, not to mention the damage to his credibility in the eyes of his customers and suppliers.
Email phishing is one of the most common ways used by fraudsters to infiltrate networks. Through an email that seems legitimate, they trick their victims into sharing their sensitive information, thus enabling hackers to impersonate the user, take control of their inbox, steal their data, encrypt it and eventually demand a ransom payment.
To limit at the source the risk of being infiltrated by malware, many SMBs implement a data security plan. Some even go as far as sending their employees test emails to assess their reaction to the work of a hacker.
A security plan
The best way to safeguard against the consequences of a cyberattack is to store data backups offsite on a highly secure cloud that is inaccessible to both the company and its IT administrators. If a fraud occurs, you need only contact the service provider to restore the corrupted files or IT infrastructure.
“There is no such thing as zero risk. So if you get hacked, the most important thing is not to lose any data. That’s why the backup solution needs to be highly secure and reliable. If we don’t have access to our backups, they are safe,” Yann Claudio states.
There are several ways to protect yourself from ransomware and thus avoid cyber-extortion. At My Technician, we offer a three-tiered IT security solution for increased reliability. First, all of your files, databases, applications and operating systems are stored on an isolated local storage that is equipped with an automatic system to check the integrity of your backups. These copies are then encrypted and transferred to our service provider’s cloud before being duplicated to a second data center that is inaccessible to our team. Should there be a breach, your valuable data would be one phone call away from being restored in less than 24 hours.
The idea of falling victim to ransomware—and its associated costs—is frightening to many business owners. Avoid this nightmare from becoming a reality by opting for a good data security service and strengthening your cybersecurity plan.