By Rick Vanover, Senior Director of Product Strategy at Veeam
Often, when a citizen interacts with a government agency, a piece of personal information is provided and stored. This means ransomware attacks threaten the exposure of both internal government data as well as citizen information.
Being the proprietor of citizen data – from motor vehicle records to photo identification documents – puts government agencies in a more precarious position than private companies.
According to a recent Maximus research brief, 91% of the responding federal employees indicated that “they have all, most, or some systems and solutions in the cloud.” The current work from home environment the pandemic helped cultivate caused cloud capabilities and by extension, SaaS, to become a necessity for government and private industries alike.
It is estimated that the federal government spent over six billion dollars on cloud computing in 2020, a figure that is expected to increase in the future.
As we evolve how and where we store personal data, our adversaries too evolve the means in which they target it. And, because of this increase in personal information being stored on the cloud, bad actors are more frequently targeting cloud capabilities.
With the Office of Personnel Management’s recently released telework guidance, the recommendation to increase telework access means continued reliance on cloud and SaaS, and the accompanying potential for cloud-targeted ransomware attacks.
It is projected that by 2025, 75% of IT organizations will be hit with at least one ransomware attack, it’s more important than ever that agencies using SaaS and cloud programs back up their data.
A Three Step Process for Government Agency Resiliency
Cloud and SaaS capabilities will continue to be staples for federal agencies so, how can the government make sure they protect and backup data to prevent ransomware attacks?
For government agencies to effectively protect cloud-hosted data and the associated web-based software, they need to know their opposition, implement a strong backup infrastructure, and deploy processes to deal with the aftermath of an attack.
Ransomware attacks tend to go after remote access methods that are not built in a secure manner), utilize phishing attacks or capitalize on system vulnerabilities. By implementing secure remote access, training employees about phishing and ensuring systems and software are always up-to-date, agencies can take a preventative stance against ransomware.
Because ransomware agents seek to block system access in exchange for payment, the best defense against these attacks is a strong backup infrastructure and data protection system.
Implementing multi-factor authentication for SaaS applications can strengthen data protection because it strengthens accessibility requirements. And, while it goes without saying that data should always be backed up, it’s especially important that cloud-based data backups are stored on devices that aren’t connected to a network. According to Veeam’s 2021 Cloud Trends Report, more than half of SaaS admins agree that data should be backed up to protect an agency against a cyber event.
And, while many government agencies already utilize data encryption, they should take that practice a step further by encrypting backups for an added layer of protection.
Unfortunately, no matter how well agencies are prepared, ransomware attacks are still likely to occur in the coming years. Therefore, it’s imperative that government is prepared to handle a successful attack and has the necessary processes in place.
To start, government agencies should have an emergency contact list prepared that identifies who and how to contact the necessary IT teams, employees and external resources in security, incident response and identity management.
Prompt response can ensure necessary data is more effectively recovered as well as aid in minimizing the risks related to the data that has been lost. If the data loss impacts citizens and their personally identifiable information, cross-agency collaboration is likely to ensure the appropriate measures are put in place to protect those affected.
After a Ransomware Attack, Rebuild and Start Again
Ideally government agencies won’t see an increase in ransomware attacks on cloud capabilities even as systems more frequently leverage them because of the uptick in remote work. To remain vigilant, they should know their potential enemies, implement a strong backup infrastructure, and deploy processes to deal with the aftermath of an attack.
About the Author
Rick Vanover is a Senior Director of Product Strategy at Veeam. Rick is an expert in intelligent data management and backup. In his role at Veeam, Rick sits at the crossroads of many types of storage. Whether it is storage systems, critical application data, data in the cloud or data anywhere in between; Rick has experience in the data management practice as IT practices change with new technologies. Follow Rick on Twitter @RickVanover and he can be reached online at www.veeam.com