
Disaster Data Recovery: Are You Prepared?

Most businesses have now gone digital, taking their processes online and storing data in the cloud. While speedier transactions and greater portability make this approach very convenient, it also poses some risks. One of these is the risk of digital disasters and possible security breaches from all directions. In other words, if you aren’t vigilant, all of your company’s data can be stolen or encrypted. Do you have a disaster data recovery plan in place that meets all of your requirements?

 

Unforeseen Disasters And Breaches In 2021

 

In recent years, there have been numerous disasters that have affected global companies in different industries. Most of the attacks in 2021 came in the form of ransomware that took advantage of human gullibility.

 

The electronics company Acer took a hard blow from cyber-attacks in 2021. It ended up dealing with a $50 million ransom demand that a notorious hacking group called REvil supposedly made in exchange for the return of a massive amount of stolen digital data.

 

In April of this year, Facebook suffered a security breach that exposed the personal information of over 530 million users. Screen scraping is a technique used by hackers to get information from websites. It’s how they were able to access the data files of almost 92% of LinkedIn members and obtain personal details like emails or phone numbers!

 

Because of the lockdowns and work-from-home setups, previously protected information became exposed in the digital world. Luckily, most companies had reliable security policies that protected data coming in and out of their office networks. However, with most individuals working remotely and using devices, it is difficult for a corporation to keep control over their security network, necessitating an upgrade.

 

The Importance Of Proper Preparation And Safeguarding Your SMB

 

Business owners often make the mistake of believing that something like this will never happen to their company. They like to believe that because they are a tiny firm, no hacker would be interested in attempting to compromise them. As a result, many don’t even bother to take precautionary measures to protect their small or medium-sized businesses from potential threats.

 

Unfortunately, small and medium-sized businesses are easy to crack and are typical targets of these hackers. Many companies lack the appropriate infrastructure and security tools to protect themselves from cyberattacks. To keep from being a victim, you must partner with a managed services provider that can provide you with an ironclad disaster data recovery plan.

 

Creating A Good Disaster Recovery Plan

 

Disaster data recovery is a serious matter that should not be taken lightly. The process of developing this plan entails a great deal of deliberation and decision-making.

 

Begin by defining a sensible recovery time objective (RTO). The RTO is the amount of time you expect to need to be fully back on track after disaster strikes. The shorter the RTO, the more expensive the disaster data recovery will be, so you need to weigh the cost against how quickly you must recover.

 

Also, make sure to clearly outline the duties and responsibilities of each individual employee in your organization. In addition, establish a clear communication plan as well as security protocols.

 

Of course, the most crucial parts of disaster data recovery are having offsite data backup and installing dependable and updated anti-spyware tools on all the devices used for business procedures. You should also test your disaster recovery plan with your staff. That is the only way to find out if it works.

 

Hire A Professional MSP For Disaster Recovery

 

As you can imagine, disaster recovery is a complex matter. If you want to know that your plan can protect you, the best option is to have a fully managed disaster data recovery solution from a reliable MSP. 2021 slammed us with a plethora of serious security threats for SMBs, and it’s scary to think of what 2022 might bring.

 

Ensure the safety of your company now before it is too late! Contact us today, and we will show you how.

On Monday, February 12th, TheHackerNews reported that the Pyeongchang Winter Olympics taking place in South Korea was disrupted following a malware attack before and during the opening ceremony on Friday. Travis Day of ARRC Technology stated in response to the attack, “It is a DDoS (distributed denial of service) and is common for large scale events like the Olympics. The new threat on the rise is cryptojacking and it’s replacing ransomware on the threat landscape as explained in a recent article with Wired.com.”

The cyber attack coincided with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of televisions and internet at the main press center, leaving attendees unable to print their tickets for events or get venue information.

The Pyeongchang Winter Olympics organizing committee confirmed Sunday that a cyber attack hit the network that helps run the event during the opening ceremony, and that the network was fully restored at 8 am local time on Saturday, a full 12 hours after the attack began.

Multiple cybersecurity firms published reports on Monday, suggesting that the cause of the disruption was “destructive” wiper malware that had been spread throughout the Winter Games’ official network using stolen credentials.

Dubbed “Olympic Destroyer” by the researchers at Cisco Talos, the wiper malware focuses mainly on taking down networks and systems and wiping data, rather than stealing information.

The Talos researchers would not comment on attribution, but various security experts have already started attributing the Olympic Destroyer malware to hackers linked to either North Korea, China or Russia.

According to the analysis by Cisco Talos, the attacker had intimate knowledge of the Pyeongchang 2018 network’s systems and knew a “lot of technical details of the Olympic Game infrastructure such as username, domain name, server name, and obviously password.”

“The other factor to consider here is that by using the hard-coded credentials within this malware it’s also possible the Olympic infrastructure was already compromised previously to allow the exfiltration of these credentials,” researchers said.

The Olympic Destroyer malware drops two credential stealers, a browser credential stealer and a system stealer, to obtain required credentials and then spreads to other systems as well using PsExec and Windows Management Instrumentation (WMI), two legitimate Windows administration tools used by network admins to access and carry out actions on other PCs on a network.

The researchers noted that both built-in tools were also abused by the Bad Rabbit ransomware and NotPetya wiper malware last year.

Once installed, the malware first deletes all possible “shadow” copies of files and Windows backup catalogs, turns off recovery mode, and then deletes system logs to cover its tracks and make file recovery difficult.

“Wiping all available methods of recovery shows this attacker had no intention of leaving the machine useable. The sole purpose of this malware is to perform destruction of the host and leave the computer system offline,” reads the Talos blog post.
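The recovery-inhibiting sequence described above is something defenders can watch for in process-creation logs. The following is an added example, not code from the Talos report or from this article: it flags a host when several of those actions occur close together. The utility names in the patterns are the standard Windows tools for each action and are an assumption about what to match; the window, threshold, host names and log events are constructed.

```python
import re
from collections import defaultdict

# One pattern per recovery-inhibiting action in the text. The utility names are
# the standard Windows tools for each action (an assumption; the article names none).
PATTERNS = {
    "shadow_copy_delete": re.compile(r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows\b", re.I),
    "backup_catalog_delete": re.compile(r"\bwbadmin(\.exe)?\b.*\bdelete\s+catalog\b", re.I),
    "recovery_mode_off": re.compile(r"\bbcdedit(\.exe)?\b.*\brecoveryenabled\s+no\b", re.I),
    "event_log_clear": re.compile(r"\bwevtutil(\.exe)?\b.*\b(cl|clear-log)\b", re.I),
}
WINDOW_SECONDS = 300  # assumed correlation window
MIN_CATEGORIES = 2    # assumed threshold: one hit may be admin work, several together rarely are

# Constructed process-creation events: (epoch_seconds, host, command_line).
SAMPLE_EVENTS = [
    (1000, "ws-01", r"C:\Windows\System32\vssadmin.exe list shadows"),  # benign query
    (1010, "ws-02", r"vssadmin.exe delete shadows /all /quiet"),
    (1012, "ws-02", r"wbadmin.exe delete catalog -quiet"),
    (1015, "ws-02", r"bcdedit.exe /set {default} recoveryenabled no"),
    (1020, "ws-02", r"wevtutil.exe cl System"),
    (2000, "srv-03", r"wevtutil.exe cl Application"),                    # lone log clear
    (9000, "srv-03", r"vssadmin delete shadows /for=C: /oldest"),        # outside the window
]

def classify(cmdline):
    """Return the categories whose pattern matches this command line."""
    return [name for name, rx in PATTERNS.items() if rx.search(cmdline)]

def correlate(events):
    """Return {host: sorted categories} for hosts where at least MIN_CATEGORIES
    distinct categories occur within WINDOW_SECONDS of each other."""
    hits = defaultdict(list)
    for ts, host, cmd in sorted(events):
        for cat in classify(cmd):
            hits[host].append((ts, cat))
    alerts = {}
    for host, seq in hits.items():
        for i, (start, _) in enumerate(seq):
            cats = {c for t, c in seq[i:] if t - start <= WINDOW_SECONDS}
            if len(cats) >= MIN_CATEGORIES:
                alerts[host] = sorted(cats)
                break
    return alerts

if __name__ == "__main__":
    for host, cats in correlate(SAMPLE_EVENTS).items():
        print(f"ALERT {host}: {', '.join(cats)}")
```

Because the malware also clears system logs, this kind of correlation only works if process-creation events are forwarded off the host as they are generated.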

It’s difficult to accurately attribute this cyber attack to a specific group or nation-state hackers because technical evidence to support such a conclusion is sparse and because hackers often employ techniques to obfuscate their operations.

 
