Cyber Attacks: The Importance of Enterprise Backups
by Betsy Burton and Jim Lundy
The US/China trade war continues to escalate with stalled trade talks, plus threats of additional tariffs and on supplies of raw materials. But the ominous statement made most recently in an opinion piece of the People’s Daily really got us thinking— “We advise the U.S. side not to underestimate the Chinese side’s ability to safeguard its development rights and interests. Don’t say we didn’t warn you!”
In an age of proliferated cyber attacks, enterprises, just like governments, can’t afford to be too careful. In this blog, we’ll discuss the potential increase in cyber war and the importance of enterprise backups in the case of an attempted hack.
What Are the Implications Of a Trade War Over the Longer Term?
We know the trade war between the US and China is likely to impact the costs and availability of products. But more specifically, what are the risks that could directly impact Aragon Research’s technology-based clients? Let’s explore the security risks that could be unleashed if there are reduced economic benefits for the Chinese to “play nice” with the US and its allies.
Potential Increase in Cyber War
For some time, the US government and businesses have experienced an increase in Chinese and Iranian hacks. This increase in hacking is in large part credited to changes in the US policies with each of these countries, specifically including:
- In the case of Iran, the US pulling out of the nuclear agreement and increased tensions in the Middle East region.
- In the case of China, the recent trade wars and crack down on Chinese businesses such as Huawei signals the de facto end of the 2015 US Chinese cybersecurity agreement.
In addition to the elimination of economic incentives to reduce either state-run, state-sanctioned, or state-ignored hackings, the US, China, Iran, North Korea, Russia, and Israel all decided not to support the Paris Call for Trust and Security in Cyberspace. While this agreement lacked enforcement, it did outline agreed upon cooperative principles.
So we are here now—there is no carrot or stick that will cause China to reduce hacking. And, in fact, we believe increased trade tensions will only cause the flood gates to open more for state-run or state-encouraged hackings from China.
The PHP Injection Hack—Signs Point to China
This week over 50,000 MS-SQL and PHPAdmin servers were hacked with a campaign called “Nansh0u.” It is believed to have come from a Chinese source due to its programming language and digital certificate.
For a number of weeks, Baltimore has been struggling with city management systems due to ransomware. While the specific source of this hack is not yet known, the tool being used is known to have been in the hands of Russian, North Korean, and Chinese state hackers.
Cyber War is Everywhere
The number of attacks on enterprises keeps going up and attacks that target identity and commerce are at the top of the list. The challenge is that enterprises are still not prepared for the eventuality of being hacked. For example, here at Aragon, we moved all of our research content off of our website in 2014 because we anticipated that someone would try to hack us. Since it has been stored and secured in a major cloud provider’s cloud, we have never had an issue. However, in 2017 a competitor, Forrester, was hacked and a significant amount of their research was stolen.
Enterprises Need to Be On Guard—Enterprise Backup Becomes Vital
There is no time like now to start to prepare a plan of action. Attacks on enterprises and governments are no longer random. These are pre-planned and they can be catastrophic. Not having a plan opens up the potential of large hacks similar to what happened a few years ago to Sony and most recently the ransomware attack on the city of Baltimore.
Enterprise Backup, which used to be called Enterprise Archiving, is a trend in the market and enterprises should look to firms such as Cohesity, Rubrik, and others. The challenge for enterprises is that they often don’t know where to start. The key thing to remember is that if you are not backing up your data and your devices, you are at risk.