InsightNot a question of 'if' but 'when' a ransomware attack will occur. Be well prepared with a backup strategy

Alina Mot — 28. February 2022
Reading time: 3:30 minutes

IT-SICHERHEIT - auch in Krankenhäusern als Teil Kritischer Infrastruktur wichtiger denn je

In January, the International Red Cross reported a hacker attack with data theft of over "515,000 data of vulnerable people." (Tagesschau.de on Jan. 20, 2022) Today, the question is no longer if a cyberattack will happen, but when - and how companies and organizations are prepared.

We are repeatedly called upon by customers during ransomware attacks to recover their important assets, critical data and thus the crown jewels of any organization. With this background of experience, we prefer the approach of protecting customers through more modern technologies and security by design in the data protection environment even before an attack occurs to the extent that their data can be recovered easier, faster and with as little loss as possible in case of emergency.

Critical infrastructure - new attack point for cybercrime

With the onset of the Corona pandemic, the situation for hospitals has also become much more acute in data security: While companies were previously targets for cyber-attacks, public services, and especially critical infrastructure (CRITIS) are now also more at risk. According to a Kaspersky study, almost three-quarters (72 percent) of German companies in the healthcare sector had been affected by at least one cyber-attack since the start of the pandemic as early as May 2021.

Given the increased level of attack, the issue of cyber resilience sheds new light on the topic of digitization in the healthcare sector: investment by the healthcare sector in new technologies and systems was still at 33.3 percent in 2021. At the same time, less than half (43 percent) of the IT decision-makers surveyed consider themselves sufficiently equipped to detect and analyze cyber threats in advance.

The Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, short: BSI) attributes why the issue of cybersecurity poses new challenges for German hospitals to many digitization projects developed out of necessity in its study "The State of IT Security in Germany 2021." (BSI 2021:87)

Thus, if information security is neglected in favor of functionality and development speed, sensitive points of attack arise for entire corporate networks. In the context of digitization in healthcare, IT security has therefore counted as a key component of the Hospital Future Act (Krankenhauszukunftsgesetz, short: KHZG) promoted by the federal and state governments since 2021.

Given the high pressure under Corona in hospitals, cybercriminals have most frequently been able to gain access to sensitive data through ransomware. Ransomware allows cybercriminals to deny access to proprietary data in order to demand a ransom.

However, the better data is already secured at the time of the event, the less vulnerable the organization is to blackmail. This not only weakens cybercrime at its points of attack, but in particular strengthens the affected organization, which can move more independently under such pressure by recovering its data itself.

Take precautions before a crisis occurs: Backup strategy and disaster recovery plan

Defense strategies to avoid or close security gaps are undisputedly a supreme discipline in data security. However, it is irretrievable if the backup is damaged in an emergency, or infected by ransomware. Our work therefore begins long before the crisis occurs.

Based on a backup strategy and a disaster recovery plan, an organization is prepared for any emergency situation in terms of organization, personnel, but especially in terms of protecting its data. We ask our customers:

Do you have a disaster recovery plan?
How long and what data can you recover?
Have you already tested the plan?

Once an attack has occurred, this preparation cannot be made up. Therefore, especially for hospitals, very stable products and a proven strategy are important to reliably protect patient data.

Cloud? - Appropriate technologies for rapid detection

For the topic of cyber resilience as a holistic corporate strategy against cyber-attacks, the cloud is indeed a critical factor. Whether and which cloud strategy is chosen in conjunction with modern technologies - or even in a hybrid solution - must be well considered here. Our consultants can help with the decision with their know-how and decades of experience. We work with technology market leaders such as IBM, Predatar, Veeam, Rubrik or Cohesity. This makes our backup concepts pragmatic, secure and easy to implement - even in crisis-ridden infrastructures such as hospitals during a pandemic.

Being prepared for a ransomware attack means having a well thought-out and validated cyber resilience strategy. The implementation is tested and adjusted regularly, because requirements change over time. At the same time, it trains your employees to respond effectively to emergencies.

This article was published in IT-Sicherheit Spezial Krankenhäuser on 28.02.2022.

Alina Mot

Alina Mot has been Managing Partner of Empalis since 2018 and is heavily involved in Empalis' strategic direction and business development. She brings experience from over 20 years in customer projects: from product and project management, to software architecture, to solution design and development. She has also played a leading role in establishing strategic partnerships, such as with Cohesity and Predatar.

Do you need to implement NIS2? Cyber resilience is (not) a question of backup

Modern and innovative data protection for your company.

Managed service - backup tailored to your needs

Empalis supports you with your comprehensive security management.

Discover the Empalis Cloud: flexible, multifunctional, highly scalable.

IBM Tivoli System Automation for z/OS (SA for z/OS): Numerous system management functions with a single point of control

Get solutions to a wide range of NIS2-related issues in one go: with VIKING Backup Guardian - cyber-resilient all-in-one backup solution.

Harden your IT infrastructure against cyber attacks

Optimise your data backup environment and archiving

We manage your backup environment for you.

Easy and efficient administration of IBM System z/OS

Veeam offers you exciting opportunities to future-proof your IT and backup environment.

Since more than 30 years we provide consulting services for IBM products and manage IBM infrastructures in the enterprise environment.

Alert message: Error in Veeam Backup for Microsoft 365: First aid for admins when backing up Exchange mailboxes

Cohesity is our strong partner for cyber-resilient architectures with VIKING.

With Predatar, you have a clear advantage thanks to AI anomaly detection: Proactive Recovery Assurance

So why not wasabi?

The interface for easy use of IBM Storage Protect (ISP)

Because our customers love it: Get to know our partner technologies from General Storage

Automated monitoring & reporting - complete control of all backups and restores in your company

Managing Microsoft Sharepoint - sustainable, secure, productive with Docave

Get an overview of trainings & events

Easter bundle until 30.04.2024: Book now and save 20%-30% by quoting the promo code!

Am 18.06.2024 diskutieren wir mit unseren Partnern Veeam und Wasabi, wie Sie Risiken effizienter minimieren.

Proxmox with Veeam - an alternative to VMware?

Empalis technical article in IT Security Online: Cyber Resilience: Which backup solution for Microsoft 365?

Empalis ist again awarded as top company in 2024 - thank you!

The formula for our success: Be there, keep listening, implement.

Empalis ist pioneer partner of Apex by Predatar

Empalis is welcoming new employees - just send us your unsolicited application.

We look forward to hearing from you!