In June 2023, several United States federal agencies were hit by a global cyberattack exploiting the MOVEit file-transfer vulnerability, which has since spread to countless organizations. In May, it was reported that ransomware attackers were targeting local governments in the U.S., including emergency services and schools.
Federal agencies can no longer wonder whether they’ll be attacked with ransomware, but rather when it will happen and if they will be resilient against ransomware.
New research found that in 93 percent of cyber-events, criminals attempt to attack the backup repositories, with 75 percent losing at least some of their backup repositories and 39 percent losing all of them. It’s critically important for federal agencies to be prepared for when the inevitable occurs by focusing on immutability, and it all starts with a trusted backup and recovery platform.
Why Backup & Recovery is Key
It’s no secret that the federal government has struggled to secure its environment. Every successful attack on a federal agency is a reminder of the work to be done, especially due to the sensitivity of the data they’re managing and sharing across the Internet.
Recent administrations have issued executive orders focused on enhancing cybersecurity and preventing successful intrusions, but the fact of the matter is that preventing ransomware has become an effort in futility. Research from early 2023 found that 85 percent of organizations experienced at least one attack last year, and that number continues to climb.
That’s why all organizations and sectors need a shift in the way they think about ransomware. It’s no longer only about prevention, but rather how well an organization or agency can recover after an event. And attackers recognize this shift, too, causing them to target backups more frequently.
The answer? A strong backup and recovery solution to help get your department back up and running as quickly as possible, helping avoid costly downtime and data loss. A key tactic to follow is ensuring that backup repositories cannot be deleted or corrupted, also known as being immutable. Working with trusted government partners to achieve true immutability is key.
Working with Federally Certified Vendors
Government agencies especially need to ensure they are partnering with trusted partners whose security practices have been vetted and approved at the federal level. There are several certifications to look out for, but perhaps the most important is inclusion on the Department of Defense Information Network Approved Products List (DoDIN APL).
The DoDIN APL certification process is a rigorous evaluation to confirm whether IT products meet the high standards that are required for usage within the DoD’s networks while supporting national standards for cybersecurity and interoperability. Products that receive this certification are proven to maintain strict levels of security and compliance – but that’s not all.
When implementing a new platform or solution, Defense agencies have to undergo a cyber certification process to ensure the desired tool meets security standards and products listed on the APL do not require this additional step, as the DoD has already vouched for them.
As a procurement-decision tool, DoDIN APL allows agencies to more quickly implement new technologies. Emerging technologies like AI have made hackers more effective and agencies need the ability to respond quickly. Selecting products from the DoDIN APL allows for the agility that agencies need.
Ransomware shows no signs of slowing – in fact, new technologies and tactics have made the threat more dire than ever before. And while attempting to prevent ransomware may be a losing effort, organizations that make themselves immune to its impacts will be poised for success in the coming years.
Prioritizing strong backup and recovery practices is the best way to reduce the impact of ransomware on your day-to-day, because when that attack does come, you’ll be able to bounce back quickly. And in the federal sector, where countless eyes are upon your every action, it’s important to have an approved vendor on your side. Your very reputation could depend on it.
The author, Gil Vega, is Chief Information Security Officer, Veeam.