UC Advanced - issue #4

constantly evolve their techniques, exploit vulnerabilities, and leverage sophisticated tools and strategies to infiltrate storage systems. From advanced malware and phishing attacks to social engineering tactics, hackers employ many methods to bypass security measures and gain unauthorised access to sensitive data. The reality is that no storage solution can claim to be entirely impervious to cyber threats. “Ultimately, the challenge lies in staying one step ahead of cybercriminals. It requires a combination of robust security measures, regular security assessments, employee training, and collaboration between businesses, storage providers, and security experts. By recognizing the evolving threat landscape and continuously enhancing data security practices, businesses can better protect their valuable information and minimise the risks posed by hackers. “One of the significant threats facing storage solutions is the rise of ransomware attacks. Cybercriminals deploy ransomware to encrypt valuable data and demand a ransom in exchange for its release. These attacks can severely disrupt business operations, causing financial losses and reputational damage. Storage solutions must have robust security mechanisms in place to detect and mitigate ransomware threats, including real-time monitoring, behaviour-based detection, and backup and recovery strategies to minimise the impact of an attack.” But as Mercer said, attackers are getting in and businesses are weighing up the idea of paying the ransom in the hopes that the hackers will leave. That may seem a natural response, but Mole points out that reports from SOPHOS appear to show that if businesses pay hackers the cost may end up being double the ransom anyway. In fact, according to Mole, the new tactic may be to focus on how to mitigate damage once the hackers are in, whilst also trying to keep them out. “The reality is that CISOs have been coming to us for years saying that we recognise the fact that no matter how many defences businesses put up, they’re in an arms race against the bad guys, and if they’re sophisticated enough, they are going to get in. “Ninety-nine per cent of breaches can be put down to users clicking a link. As a result, CISOs are taking a pragmatic view, recognising they are going to have an

source, such as a bank or a supplier, to trick users into giving away sensitive information. Another threat is ransomware, where hackers take control of a company’s data and demand payment to release it.” Anders Reeves, CEO at CovertSwarm, added that once the hackers are in, it’s hard to get them out again. “One of the mistakes that a lot of organisations make is thinking they’ve kicked out the hacker by shutting down the network where they’ve detected the threat. “If you drop a glass on the kitchen floor, you’ll pick up the big bits first. But if you go hunting, you’ll find smaller shards scattered everywhere. That’s what an attacker looks to do. Like that broken glass, they will try and infiltrate as many places as possible.” The Current Techniques That threat of Ransomware is a particular conundrum for businesses at the moment, as they decide whether to pay these malevolent actors. Such a conundrum means that businesses often have to choose the threats that they protect themselves against, as Chaudhuri says, “countering the threat posed by hackers has been a mixed bag. “On the one hand, storage providers have implemented various security measures such as encryption, access controls, and intrusion detection systems to protect data. These solutions have certainly raised the bar for cybercriminals and made it more challenging for them to breach data defences. “However, it is crucial to recognize that hackers are persistent and adaptive. They

Jamie Moles Senior Technical Manager

extrahop.com

Tom Mercer Commercial Director

gainline.co.uk

CONTINUED

ucadvanced.com

23

Powered by