Ransomware is a type of malware that encrypts a victim's data, making it unusable to them. In essence, it puts a lock on your data and wants ransom for the key. What makes these attacks so devastating and a threat to corporate groups is that the party attacked loses all access to their data, bringing their whole operation to a halt. As a provider of a cloud-based transport management system with customers worldwide relying on a stable database, Riege Software observes these developments with great interest. Continuously working on system improvements to protect our customers' data.
Data access denied
As ransomware attacks have increased, their focus is shifting from enterprises to Managed Service Providers (MSPs) and their customer networks. According to a report by bitkom (German Association for Information Technology, Telecommunications, and New Media) on business protection in the digital world, around three-quarters of commercial enterprises in Germany alone were affected by cybercrime attacks in 2019, with around 70% suffering economic damage as a result of data theft. The scam is both sophisticated and effective. Once the data is encrypted and there are no further backup copies, the companies cannot access their data until they have paid the ransom. The extent of the resulting economic damage is enormous.
Recent attempts at extortion
The latest ransomware attack on a U.S. IT and Security Management Solutions company in July 2021 hit dozens of MSPs with full force. According to the London-based news agency Thomson Reuters, “between 800 and 1,500 businesses around the world have been affected.” (https://www.reuters.com/technology/hackers-demand-70-million-liberate-data-held-by-companies-hit-mass-cyberattack-2021-07-05/)
Because cyberattacks have increased significantly in recent years, the federal authorities of various states have taken it upon themselves to combat cybercrime. As part of a series of 60-day sprints, U.S. Department of Homeland Security Secretary Mayorkas outlined the importance of cybersecurity efforts on a national level facing the threat of Ransomware attacks on U.S.-based companies, also launching a new campaign called “#becybersmart” and building an internal task force with representatives from its Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Secret Service, U.S. Coast Guard, as well as its policy, legal, public affairs, and Congressional experts. (https://www.dhs.gov/topic/cybersecurity)
The federal Office for Information Security in Germany stated in their 2020 annual reports foreword on the State of IT Security in Germany, written by Horst Seehofer, the Federal Minister of the Interior, “Cyberattacks are becoming increasingly sophisticated. At the same time, businesses, government, and private citizens are now increasingly dependent on IT, which increases the potential scale of damage. The coronavirus pandemic has once again underlined the unequivocal importance of IT infrastructure that is both functional and secure. In all our digitalization activities, IT security must therefore be a focus that is actively considered and implemented from the outset.”
How does Scope stay ahead of Ransomware attacks?
The quick answer:
- Scope's underlying, Linux-based architecture is less susceptible to virus attacks when compared to other platforms.
- We implement comprehensive virus scanners and firewalls to reduce the risk of infection.
- Regular data backups to multiple locations and formats make ransomware attacks toothless.
Why these three components?
While no system can rule out 100% the threat of a Ransomware attack, Scope's Linux-based infrastructure does appear to have an advantage. Ransomware typically targets desktop environments. But because Scope is confined by Linux's fine-grained user access controls and SELinux, it has technological benefits your typical desktop platforms cannot provide and raises the bar of difficulty for successful encryption attacks. Then we add another layer of security; we safeguard the Riege data centers. They are protected by an industry-standard security architecture, including virus scanners, firewalls, access control lists, partitioned network segments. We maintain a strict and timely schedule of applications patches and updates. There is a three-month patch cycle for regular updates, but we deploy essential security-related patches within three to five days. And as a final step, we back up your Scope data regularly, including replication to multiple data centers and storage on both disk and tape combined with our DR procedures.
Creating another line of defense against encryption attacks
The threat of ransomware is pervasive and should not be underestimated. It is vital that Software as a Service providers upgrade their internal security measures, enabling them to withstand these attacks. The protection of sensitive customer data is of paramount importance regarding the digital threat of malware. By holding multiple copies of your data on separate infrastructures, we give your company more options to retrieve its valuable digital information if attacked and hopefully neutralizing the need to pay a ransom.