• TWEAK
• Software

"Sleeping" malware can be a threat to your data

Translate from : "Sovende" malware kan være en trussel mod din data

In today's ever-evolving cyber security landscape, it is critical that businesses adopt a proactive approach to data protection to effectively defend against repeated cyber attack attempts. It is no longer a matter of "if" or "when" but rather "how often" they will be hit. Modern malware attacks no longer only target organizations' data, but also their backup solutions to ensure a successful extortion attempt. Organizations must therefore implement data protection solutions that can protect both themselves and their data.

AI also finds its way into malware

In many cases, malware attacks now involve double and triple extortion threats. Not only do they deny access to an organization's data, they also threaten to publish it on the dark web. The problem is further compounded when negotiations with the attackers become impossible once the data reaches the dark web, resulting in not only financial loss but also irreparable reputational damage. At the same time, cybersecurity threats are constantly evolving, and we are seeing an increase in the use of artificial intelligence (AI) and as-a-service tools to make these attacks possible.

Organizations must therefore start using AI to combat AI, harnessing the power of machine learning and algorithms to protect against these malware attacks. Unfortunately, not many organizations are likely to detect the presence of dormant malware in their environments unless they invest heavily in man hours and resources to manually monitor environments. Malware can therefore live within the organization's systems for up to a year before coming out of hibernation.

Since malware can remain dormant within an environment and hidden from most conventional data protection tools, it can assess how data flows within an organization. Once it understands how the data flows and what data is considered critical to the organization, it will then activate itself. So while such malware is very intelligent, it is also very malicious, and companies need to find data protection solutions that are even more intelligent. If a company's data protection tools do not include some level of built-in cyber resilience, the organization runs the risk of unknowingly compromising its data integrity and security when backing up its important data.

For example, if an organization backs up a dormant malware file that is activated and a data protection solution is used to restore the affected data, all that will happen is that the malware will also be restored to a previous version and will be ready to launch another attack. This compromises data integrity and security, even with gapped backups. Organizations must therefore verify the integrity of their data before restoring it or moving it from one location to another, or risk facing a major compromise. Having intelligent tools in their production and data protection space will help organizations come out clean and unscathed from a malware attack.

Security in multiple layers

To successfully defend against such attacks, companies must find ways to layer their security. So while it is no longer a question of "if" and "when" but "how often" an attack is likely to occur - because there will always be a loophole somewhere that makes penetration possible - having adequate layers of security will enable an organization to isolate the incident and minimize its impact. In modern business life, data is the lifeblood of companies. It is critical to secure all data and maintain a focus on cyber resilience and data protection to strengthen business continuity. Ultimately, companies need to be proactive and do what they can to protect their data and leverage the tools available to maintain data security—not only for peace of mind within the organization, but also to reassure their customers that, that data integrity remains a priority. My advice is to start somewhere and take small steps, the cyber security journey is forever.