This article first appeared in Digital Edge, The Edge Malaysia Weekly on February 26, 2024 - March 3, 2024

In recent years, cybersecurity attacks have emerged as a major concern for organisations, prompting a heightened focus on security defence as a key operational priority. 

Compliance regulations and governmental directives mandate effective countermeasures against ransomware threats, necessitating careful planning for robust defence strategies worldwide. 

While some companies predominantly invest in antivirus software or rely on failover mechanisms, these approaches often fall short of protecting data from encryption and ransom during actual cyberattacks. Notably, the critical aspect of backup is frequently overlooked. 

According to a survey conducted by IDC, more than 80% of companies suffer data loss following an attack and about 60% of respondents stated that this data loss is irrecoverable. In other words, the most severe consequence of ransomware is the inability of businesses to retrieve essential operational or confidential data. 

Therefore, companies must develop a correct understanding that while antivirus software and failover mechanisms are indeed effective, they address different problems and excel in different areas, leaving a gap in the face of ransomware and cybersecurity attacks. 

Antivirus software is commonly employed as the initial layer of defence for many companies, thanks to its user-friendly nature and straightforward implementation. However, data from the independent IT security organisation AV-TEST indicates the continuous emergence of over 450,000 new malicious or harmful programs daily. 

When employees do not consistently update software versions and virus definitions, they may struggle to adapt to the evolving landscape of ransomware, potentially leaving their defences lacking. 

Despite regular updates, there is no absolute assurance that hackers or malicious entities won’t find ways to bypass or compromise the antivirus software. This implies that vital data remains susceptible, and in the event of encryption, recovery may be challenging. 

Misunderstandings also frequently arise when equating backup with failover. For instance, in the case of high availability (HA), which operates by setting up active and passive servers, the data from the active server is continuously synchronised with the passive server. When the active server encounters issues or stops operating due to external factors, the passive server takes over to ensure uninterrupted operations. 

However, during a ransomware attack, the synchronisation process lacks exclusivity and encrypted files are still transmitted to the passive server. This means that business operations will be interrupted, and data will be lost. 

Implementing modern backup systems and prioritising disaster recovery are crucial for organisations. By performing fast full-machine backups, eliminating duplicate data and establishing traceable backup versions, organisations can restore specific files, minimise downtime and safeguard valuable data. Comprehensive backup implementation is key to overcoming the negative impact of ransomware effectively. 

Joanne Weng is director of the international business department at Synology, a Taiwan-headquartered corporation that specialises in network-attached storage appliances

Save by subscribing to us for your print and/or digital copy.

P/S: The Edge is also available on Apple's App Store and Android's Google Play.