Cyber Security in an all-digital world

However, the trade-off between convenience and security may inadvertently expose forward-thinking governments to a broader range of vulnerabilities.

The stakes are getting higher for all as cyber threats have an increased capacity to interrupt a world that prioritises digital interactions. According to a recent report by Trend Micro, 2016 represented a record year for enterprise breaches. Asia-Pacific bore the brunt of cyberattacks with the highest number of attempted threats across different forms, especially for online banking malware and ransomware. 2016 also saw distributed denial-of-service (DDoS) attacks gaining traction worldwide, with breaches turning unsecured Internet of Things (IoT) devices into zombie bots.

Singapore’s telco infrastructure experienced its first DDoS attacks, unprecedented in scale, nature, and complexity. Arising from malware-infected routers and webcams, the attacks caused temporary downtime and brand damage, forcing some of local telco Starhub’s home broadband users offline. In addition, our neighbours in Australia experienced a nation-wide crisis when their eCensus was hit by a major DDoS attack, preventing thousands of Australians from taking part in the census. Additionally, the attack led to a hardware failure, the overload of a router, and a false alarm about the attack, causing a total downtime of 43 hours and significant embarrassment for the Australian government, prompting outcries from citizens and the opposition.

While the tools used may evolve over time, the strategy to combat these threats remains focused on two main areas: prevention and creation of solid business continuity plans. Prevention efforts focus on careful treatment of privileged accounts and control of permissions, ensuring regularly updated antivirus and anti-malware scans and awareness training for employees. While prevention remains paramount, the creation of a solid business continuity plan will grow in importance in an all-digital world, where everyone will rely on and expect 24.7.365 availability of data and services.

Creating a solid business continuity plan depends on conducting regular data backups, along with verifying the integrity of those backups and securing them by ensuring they are disconnected from the computers and networks they are securing. The timeless rule for failure scenarios is the 3-2-1 backup rule–3 copies of the company data should be saved on 2 different media and 1 copy should be offsite. The “1” in the 3-2-1 rule continues to play an important role especially in an all-digital world as it does not allow for direct data access, providing protection against ransomware.

Even as organisations improve their cyber security plans, a balance needs to be struck between protection and business continuity. Without constant availability to data and services, downtimes caused by cyberattacks will have repercussions beyond simple inconvenience.

Based in Sydney, Australia, Veeam offers solutions that deliver availability for the Always-On Enterprise. The company was founded in 2006 and has 45,000 ProPartners and over 230,000 customers across the globe.