Cybercrime has become an industry on its own and is ever changing and continually growing. Unfortunately, it is a threat to all organizations large or small around the world including cloud service providers (CSP). In this BlogBytes we will look closely at a cyberattack that occurred to a CSP and steps that you can take to help shield your company from becoming another statistic with vital assistance from LTO technology.
Cloud Service Provider Ransomware Attack
Blackbaud is a CSP serving a number of organizations including nonproﬁts, foundations, corporations, education institutions, and healthcare institutions. According to a recent listedtech.com article, “Over 50 universities in the UK, US, Canada, and New Zealand, have been affected when Blackbaud was cyber-attacked in May 2020. It is said that the hacker accessed names, titles, gender, dates of birth, student numbers, addresses, phone numbers, email addresses as well as LinkedIn profile URLs.” The article states that a ransom was paid and investigations show that there is no evidence that data has been shared by the cybercriminal. As noted at Blackbaud.com “Our Cyber Security team, together with independent forensics experts and law enforcement, successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system.”
How Hackers do their Dirty Work
Cybercriminals gain access to your network and the cloud through a number of methods including a DDOS attack, password hacking, malicious email links, remote code execution attacks, fake wireless access points and phishing scams. A recent CompterWeekly.com article notes that “Cyber criminals appear to be returning to phishing as a means of spreading ransomware into target organizations, reversing a recent trend towards using malicious downloaders as a first-stage payload delivery mechanism.” Phishing is the deceitful exercise of sending emails claiming to be from trustworthy establishments in order to prompt people to reveal compromising information such as passwords and credit card details. According to the article a large scale phishing attack could launch upwards of 350,000 messages to a number of countries with many exploiting the Covid-19 coronavirus pandemic trying to cunningly gain access to sensitive information.
Prevent the Attack
There are a number of precautions that you and CSPs can take to help prevent or lesson the damage from a cyberattack as noted in this recent BlogBytes. The recommendations include limiting employee access, utilizing antivirus software and firewalls, activating web and email filters, training employees and securing access points and networks. If an attack occurs a quick recovery is essential to minimize damage and to continue operations. With that in mind, a techtarget.com analyst emphasized that “organizations should have offline, immutable and air-gapped backups.” Mitigating the risks of ransomware is discussed in an IDC white paper that emphasizes that an “air gap is accomplished by a deliberate halt in the data stream.” LTO storage technology is inherently offline and air-gap protected. That means, when a tape cartridge is removed from the system it can no longer be accessed preventing malware and hackers from getting to sensitive information. The protected LTO tapes can be used to restore frozen, deleted or corrupted files as a result of a cyberattack. In addition, LTO technology offers powerful hardware-based data encryption to help protect information in the event a cartridge gets in to the wrong hands.
Preparing for a cyberattack is a necessary part of a data security plan. If your data is in the cloud check that your cloud service provider has a copy of your data stored on offline LTO tape and make sure you have another copy on LTO tape at your primary location. See more on how your data can be safe, secure and cost effective in this tape value video.