Ransomware is the most common cyber threat nowadays as several big companies have been targeted. Developing proactive ransomware response plans that prioritise the recovery of mission-critical systems is important for those working in critical infrastructure. Organisations should not pay ransoms for stolen data and they need a solid business continuity and disaster recovery (BCDR) plan.
A comprehensive, well-tested disaster recovery plan is a great way for agencies to protect their assets from an attack that could cause extended downtime, financial losses and reputation damage. These are five considerations when developing a BCDR plan:
- Backups. Developing a backup strategy is a great place for agencies to start building or rebuilding a BCDR plan. The 3-2-1 model is a standard data protection technique: store three total copies of agency data, two that are local but on separate devices, and at least one copy stored offsite. There is still risk with this strategy as more sophisticated ransomware attacks now target backup files. The most straightforward way to expand on the 3-2-1 model is simple: 3-2-1-1. For extra security for backup files, agencies should store an air-gapped copy of the data offline where ransomware cannot reach.
- Disaster recovery as a service: Self-managed DRaaS will increase in value as organizations realise the cloud’s faster operations speeds, lower costs, scalability and improved administration. As a result, agencies will be able to self-service their point objects and have hands-on management around recovery times.
- AI and automation: Not only can artificial intelligence (AI) be integrated into an agency’s cybersecurity strategy, but it can adjust to new data to make its predictions of future attacks more effective. Equally, some recovery processes can be automated and automating regular updates and patching can prevent problems.
- Cybersecurity and protection: Maintaining different cybersecurity and data protection services isn’t as effective at mitigating disaster as uniting those two solutions. The more systems agencies try to support, the more vulnerable their data and networks become. A multi-pronged solution will help agencies optimise protection, cybersecurity and disaster recovery capabilities with minimal management.
- Updating old plans: Agencies should take the lessons they learned from 2020 and apply them when they update their BCDR plans. To start, a review of policies will help agencies determine which ones are outdated and which ones should stay. IT departments must focus on solutions that provide remote access across systems and devices with cloud-based security. And last, agency disaster recovery plans should outline how their health and safety protocols address illnesses, contact tracing, sick leave and backup staff for critical processes. These updates should be included in agency crisis communications plans.
As critical infrastructures are susceptible to cyberattacks, US researchers have created a cybersecurity technology designed to lure hackers into an artificial world to protect these infrastructures. As reported by OpenGov Asia, the cyber tech is based on honeypots, which attract hackers by providing what appears to be an easy target so cybersecurity researchers can study the attackers’ methods.
While most honeypots are used to lure attackers and study their methods, this cyber tech instead uses artificial intelligence to deploy elaborate deception to keep attackers engaged in a pretend world that mirrors the real world. The decoy interacts with users in real-time, responding in realistic ways to commands.
The development of this technology is an example of how U.S. scientists are focused on protecting the nation’s critical assets and infrastructure. This cybersecurity tool has far-reaching applications in government and private sectors—from city municipalities to utilities, to banking institutions, manufacturing, and even health providers.