The anatomy of cyber threats has changed, meaning that organisations can no longer rely on traditional cybersecurity solutions to protect their perimeter, but should instead rethink their data protection strategy and become proactive in their defence against breaches. Modern cyber threats have become far more intelligent, and can reside on an organisation’s network and devices for months before executing an attack to analyse and find vulnerabilities to target. Data typically resides on premises, in public and private clouds, in software-as-a-service (SaaS) applications, and on end user devices. The perimeter that organisations must protect is becoming increasingly huge.
At the same time, traditional point solutions for data protection are no longer adequate, while comprehensive solutions are very hard to come by. This is driving the need for next-generation data protection with active defence, which will enable organisations to effectively protect their perimeter.
So, how do cyberattacks happen in the modern era? Bad actors typically access an organisation’s devices and networks, where they remain latent for quite some time. They then start to do some damage by executing their payload, encrypting or exfiltrating and leaking data. Then they disable applications from operational recovery, and prevent the organisation from doing further backups. Simply put, they wreak havoc and cause damage to the network.
Fast attack
On average, it takes 84 minutes to execute the attack, which is a drastic drop in the attack vector in that aspect. On the other hand, the entry point has been extended because cybercriminals have become a lot more intelligent and do a significant amount of analysis before they attack, figuring out where the data points are and where sensitive data resides, to determine how to attack it.
Once enacted, the attack itself is very short. The surprising part for many organisations is that 93% of attacks target backup repositories as they contain all their critical data. This is the easiest target to go after, and raises the need for organisations to rethink their data protection strategies. Modern enterprises need to deploy next-generation solutions, as many of the data protection solutions in the market are not geared to protect against what is happening now.
To make things worse, according to the latest cybercrimes trends published by Crowdstrike, malware-free cyberattacks have reached 71% of the breaches recorded annually. This is not good news, as it means that valid credentials were used to gain access to systems and to have privileges as the legitimate user of a targeted device. This also means that targeted organisations did not even know they were being attacked.
Nizar Elfarra, regional sales engineering leader at Commvault.
Moving in between
Modern-day cyber threats are essentially moving in between traditional data protection solutions and the organisation’s last line of defence (backup and recovery). It is at the intersection of these two points where traditional solutions, perimeter security, and the last line of defence are not catching these threats.
This trend is driving the need for the next-generation data protection with active defence. This means that an organisation’s data protection solution needs to start assessing its data at a much earlier stage. This is because bad actors often gain access to an environment more than six months in advance.
Organisations need to be a lot more proactive, and thus minimise the use of the last line of defence by being able to detect bad actors much earlier on. This can be done with early threat detection, checking for suspicious activity, early warning, and threat and risk analysis.
Recovery as a last line of defence is necessary, but is not enough. With the growing sophistication of cyber threats, organisations need to understand that there are many measures they can and should put in place to prevent bad actors from reaching their last line of defence.
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version