Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

News

December 8, 2023 | Tony Liau

Point of View: MSPs Need a Strategic Approach for Fortifying Cyber Defense

Object First’s Tony Liau shares his perspective on how preventing reinfection is a crucial element of a data protection strategy that IT services providers cannot afford to ignore.

In a world where ransomware attacks are common, and too many cybersecurity strategies promise more than they deliver, companies of all sizes feel lost and unsure how to safeguard their data.

Now, more than ever, they lean on their managed services providers for guidance on smart technology investments and effective strategies to insulate their data from threats.

Most businesses understand how vital backup is, but many overlook the potential risk of reinfection during the data restoration process. Veeam’s 2023 Ransomware Trends Report reveals that 56% of companies are susceptible to reinfection during data restoration following a cyberattack. Addressing the prevention of reinfection is a crucial element of the data security dialogue that MSPs cannot afford to ignore.

Understanding Reinfection

Reinfection can manifest in two ways.

First, parts of the data uploaded to storage may have already been infected with malicious code. This is far from a rare occurrence, as cybercriminals can infiltrate a network, often remaining unnoticed for extended periods, and can corrupt files undetected by cybersecurity software. Companies that automate their backups might inadvertently continue with scheduled backups even post-discovery of an attack.

Tony Liau of Object First

Tony Liau

Without careful restoration to a pre-exposure point, restoring this data could redeploy the malware, effectively causing reinfection of the primary network. Practically implementing this can prove challenging. There’s a significant risk of losing several days’ worth of hard work by the organization’s workforce.

The second infection pathway involves threat actors specifically targeting backup data files. Veeam’s ransomware report states that an alarming 93% of ransomware attacks deliberately target backups, and three out of four backup repositories are impacted by a ransomware attack.

There are ways to alleviate these scenarios, but they are often overlooked. In their rush to minimize downtime and maintain the continuity of customer or employee services, organizations might neglect to verify that the recovered data is free from malware. There’s also a risk of restoring data before fully understanding the ransomware strain or threat actor.

Furthermore, SMBs may simply lack awareness of these risks or the knowledge to implement suitable safeguards against reinfection. IT services providers can play a pivotal role by enlightening these clients on the potential dangers during the restoration phase and the tools to mitigate risk.

The Road to Reinfection Prevention

The foolproof approach to eliminate the risk of reinfection involves a combination of immutable storage for protecting data against ransomware attacks targeting backups and comprehensive malware scanning to ensure no corrupted data gets reintroduced into the environment.

Endpoint protection and antivirus software can help detect any corrupted code, but backup and recovery solutions also need to implement malware scanning. Staged restores could also be beneficial, allowing organizations to validate the cleanliness of the data at a temporary location before initiating the complete restoration process.

Now that ransomware attacks are targeting backups, immutability is a must-have. Immutable backups can’t be changed once written to storage, securing them from potential encryption, infection, or deletion, whether accidental or intentional. While immutability can’t prevent reinfection from already compromised data, it provides reassurance that backup data remains secure. Immutability plus scanned and staged restores are the only way to recover from an attack effectively.

It’s crucial that MSPs and their clients don’t rely solely on one protective measure—a combination of protection/ detection software and immutable backup is needed to ensure a seamless restoration process. Alone, these precautions are significantly less effective at preventing reinfection. However, with both components in place, MSPs can restore their clients’ data with complete confidence.


Tony Liau is vice president of product for Object First, a data storage startup on a mission to simplify data protection for Veeam customers.


Editor’s Choice

Deepfakes + Generative AI = Major Problems for Business

May 14, 2024 |

Deepfakes that can’t be distinguished from reality threaten to shatter the fundamental hierarchy of human trust and impact businesses.

Deep Dives and Round Ups: Why MSPs are Lining up for Online Events Again

May 9, 2024 |

Discover how MSPs can leverage ChannelPro’s online events to enhance industry knowledge, participate in engaging tech discussions, and drive business success.

Built for the Channel: How AI and Deep Learning are Transforming the SOC for Partner Ecosystems

April 30, 2024 | Tony Pietrocola

The rise of AI-driven attacks has increased the need for an AI-driven response to allow MSPs and SMBs to move at the speed of an attack – not just in response to one.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience