Building Cyber Resilience to battle Ransomware Attacks on Government in the Pandemic Era

By Rick Vanover, Senior Director of Product Strategy and Raymond Goh, Head of Systems Engineering, Asia Pacific and Japan, Veeam

The impact of the COVID-19 pandemic has been felt globally, especially as Governments scramble to find the best ways to mitigate this unprecedented crisis. This health crisis has not limited itself to the safety and welfare of individuals, but its prolonged nature has caused a ripple effect on local economies and businesses as well. Singapore is not immune to the effects of the pandemic, having rolled out four separate payouts for its citizens, to help them cope with the financial impact of COVID-19.

As the nation gradually lifts it restrictions and individuals grapple with the realities of this new normal, the Singapore Government has seen a greater need to continue spending an estimated $3.5 billion on infocomm technology projects to accelerate digitalization and support businesses recovering from the pandemic.[1] Part of those projects in line with Smart Nation initiatives, includes the Singapore government promoting avenues for government agencies and systems to partner with commercial cloud service providers.

First announced in 2018, the movement aims to bring about modern innovations and capabilities of commercial cloud computing platforms to less sensitive Government systems. By tapping onto resources that are already available on commercial cloud software, agencies will not have to reinvent the wheel, allowing them to incorporate advanced functionalities into their digital systems. Since the announcement of the plan, more than 150 systems classified “restricted” and below have migrated to commercial cloud. Contracts worth over S$870 million have been set aside to double the number of systems on commercial cloud.

While the pandemic has caused life and the economy to slow down or pause for some, cyber threats and attacks continue to be on the rise. A recent study by Carbon Black shows that security attacks are increasing at an alarming rate in Singapore, with 93% of respondents seeing a spike in overall cyberattacks since remote working became the norm.[2]

Regardless of how prepared organizations can be, they too can fall prey to cyber threats and attack – including ransomware. Running on commercial systems means that they are also susceptible to more threats. It is crucial that data remain secure – they have the responsibility to keep sensitive government and citizen data on commercial cloud systems safe and secure. Government agencies will need to be more vigilant and increase data protection measures.

Education: first step for building ransomware resilience

The 2018 SingHealth data breach, which saw more than 1.5 million individual records accessed, only shows that anyone is susceptible to an attack. In fact, investigations show that staff had been inadequately trained in cybersecurity, which resulted in them being unable to stop the attacks. This mirrors findings from the Veeam 2020 Data Protection Trends report, with more than 44% of organizations in Asia Pacific and Japan citing lack of IT staff skills or expertise has prevented them to move forward with digital transformation.

While having an IT staff or expert is an important role within any organization, they first need to educate employees on practicing safe working habits. Having the best security infrastructure in place will be rendered pointless if employees end up unknowingly feeding attackers with the data they need through phishing links. Awareness training to identify phishing emails coupled with self-assessment tools can create effective rapid response mechanism.

The education aspect must be taken seriously. Whether it is assessing the phish risk of an organization, removing the most frequent attack vectors or keeping systems and software up-to-date is effective in avoiding the increased risk of ransomware attacks.

Implementation of the right backup solution

When it comes to a ransomware incident, resiliency is completely based on how and which backup solution is implemented, the behavior of threat and the course of remediation. Implementing backups in an ultra-resilient storage type is one of the most critical defenses for ransomware resiliency. Beyond ransomware, backup solutions can bring other protection techniques for backup data resiliency such as mitigating insider threats and accidental deletion.

Remediation

In addition to educating stakeholders and implementing techniques to build a resilient infrastructure, public sector organizations should have safeguard plans to mitigate the impact of ransomware threats. In a scenario of ransomware attack, the following measures can be taken: 

  • Do not pay the ransom.
  • The only option is to restore data.

Implementing stringent layers of resiliency and knowing what to do when a threat gets discovered, is critical. Among the top priorities should be to onboard a team of security experts, identity management professionals and incident response authorities who can be contacted in a state of emergency. Additionally, having clear guidelines on the decision-making authority simplifies the recovery process after a disaster event has occurred. Finally, when the scenario is right to restore, implementing additional checks of safety before putting the system on the network again is important.

With the right preparation, governments can build resiliency against a ransomware incident to avoid data loss, financial loss, business reputation damage and more. As governments across the globe experience tight economic outlook, delivering citizen services efficiently and effectively becomes a top priority. Data driven digitization can help overcome challenges and create new opportunities for citizen services. Hence, the protection and management of critical government and citizen data become ever more critical.

Empowering government and public sector enterprises with data-driven decision making is key to introducing new policies, regulations and governance to improve quality of citizens and develop a knowledge economy. Cloud data management can unlock the power of data to transform public sector services through simple, flexible, and reliable backup and recovery for all data.


[1] Smart Nation and Digital Government Industry Briefing 2020 – Re-Engineering the Government Operating System

[2] Singapore Threat Report: Extended Enterprise Under Threat

This site uses Akismet to reduce spam. Learn how your comment data is processed.