SoylentNews is people
SoylentNews
Backups 'no longer effective' for stopping ransomware attacks:
The growth of double extortion – and even triple extortion – ransomware attacks is in danger of rendering common, traditional methods of mitigating the impact of a ransomware hit, such as well-maintained backups, less efficacious, according to a report from machine identity specialist Venafi.
Data collated from Venafi's worldwide survey of IT and security decision-makers reveal that 83% of successful ransomware attacks now involve alternative extortion methods – for example, using stolen data to extort customers (38%), leaking data to the dark web (35%), and informing customers that their data has been compromised (32%). A mere 17% of attacks merely ask for money for a decryption key.
Venafi said that this means that because ransomware attacks now rely on data exfiltration, effective backup strategies are therefore to some extent "no longer effective" for containing a breach.
"Ransomware attacks have become much more dangerous. They have evolved beyond basic security defences and business continuity techniques like next-gen antivirus and backups," said Kevin Bocek, vice-president of business development and threat intelligence at Venafi.
Venafi also found that cyber criminals are increasingly following through on their threats whether or not they get paid. Indeed, 18% of victims had their data leaked despite paying, while more than the 16% who refused outright to pay anything and had their data leaked. Some 8% refused outright, but then had their customers extorted; and 35% paid, but were left hanging, unable to retrieve their data.
(Score: 5, Insightful) by mcgrew on Saturday February 26 2022, @03:44PM (4 children)
However, maybe I should start keeping the documents folder on a thumb drive, backed up on another thumb drive and not let it on my network at all. None of the other files on my network or computers have any sensitive data.
Backing up your data is still good practice. Malware and extortion are no worse than a drive going bad without backups. Your backed up data can be read, but not deleted by bad actors.
Carbon, The only element in the known universe to ever gain sentience
(Score: 3, Interesting) by HiThere on Saturday February 26 2022, @09:20PM (3 children)
Yes, but...
The problem is that the thumb drive can be accessed and/or modified when you insert it to update the data. Better is to write that data to a write only medium. Multi-session CDs used to be good for that, but I don't know what the modern replacement is.
Of course, that doesn't solve the extortion problem.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by Freeman on Monday February 28 2022, @05:27PM (2 children)
For Big Data, you've about only got Tape at that point? They do have a read-only notch on the cartridge, right? For Optical Discs, you have DVDs, 4.7/8.5/9.4/17.08GB capacities and Blu-Rays, 25/50/100/128GB capacities. Both of which can hold vastly more than a CD with typical capacities between 600-700MB.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2) by HiThere on Monday February 28 2022, @09:16PM (1 child)
The point isn't "read only", it's "modification not allowed". That's why I mentioned multi-session CDs. A write notch doesn't mean the same thing. Yeah, and floppy disks used to have a manual switch that you could push up to mean "write not allowed", but that didn't allow you to write an extension.
Also, the comparison here is with a thumb drive. Tapes are a different league. Perhaps DVDs or BluRay disks allow "read or append only" access, I don't know.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by Freeman on Monday February 28 2022, @11:32PM
DVDs and Blu-Rays, work like CDs. You would have to hack the drivers or something to get a CD/DVD/Blu-Ray drive to modify a Read-Only Disc.
https://www.sony.com/electronics/support/articles/00024787 [sony.com]
So far as I know, they are as resistant to writing over as a multi-session CD / CD-R. You can also create multi-session DVDs and Blu-Rays. Also, I wouldn't recommend using a multi-session disc for "backup safety". Since you're not normally able to read that disc on a different computer.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"