The shift to remote work during the pandemic has given ransomware attackers a wider foothold to exploit IT vulnerabilities, forcing federal IT leaders to build new trust mechanisms and develop stronger safeguards for data security, say security experts in a new FedScoop podcast.
The sudden increase in personal computing devices connecting to agency networks — and the ability to compromise the home networks they dial in from — have made it easier for ransomware hackers to find pathways into agency data systems.
Building a comprehensive protection strategy around those additional endpoints and ensuring data is properly stored and protected are critical steps for agencies to take now, according to Mike Malaret, director of sales engineering for defense and intelligence communities at Veritas Technologies.
But he and Veritas colleagues Barry Levine, director federal healthcare and civilian strategic programs, and Senior Director Dave Cerjan, also stress the importance of having modern data backup and recovery systems in place, so that in the event that ransomware attacks do occur, agencies have the means to isolate their backup data in order to recover quickly.
Data security practices need to protect both the remote workforce and federal data resources from ransomware exploits, they say in the podcast, underwritten by Veritas Technologies and Carahsoft:
Exploitable vulnerabilities in agency networks
The threat of ransomware was already escalating dramatically before the pandemic, Levine says.
“In a 2019 study, we found organizations falling victim to ransomware [at the rate of] one in every 14 seconds,” according to research from Cybersecurity Ventures, notes Levine. “So, we’re going to have to really watch the endpoints now with the teleworkers, in addition to the agencies’ IT practices as a whole,” he says.
As agencies have increased the number of remote workers, those home networks bring security issues of their own, adds Malaret. Agency employees may have additional people in the home doing things that can become an additional attack vector.
“Somebody could compromise not necessarily the system that you’re trusting, but compromise somebody else’s system and then try to build a hole through that home network, and then attack the individual endpoints,” he explains.
A comprehensive strategy around additional endpoints will help to make sure that the data being produced at remote sites is being protected properly.
Steps to better protect data from cyberattacks
“The rate which data is growing, simple backup and recovery approaches are no longer suitable,” says Levine. “Agencies have to have a more deliberate action that must be considered for data protection strategy.”
Malaret elaborates on an approach to protecting data, advocated by Veritas, that looks at “operational recovery.” If there is an event which requires an agency to immediately bring a system back online, they need an end user capability, from an administrator perspective, to be able to bring that up.
Malaret describes several capabilities that a modern, comprehensive data backup and recovery system should provide:
- Instant recovery from an operational perspective, which allows IT to bring the operating systems back online very quickly.
- The ability to keep the IT environment up and running in one location and allow it to fail over into a second location. That’s important when two cloud sites are supported by separate vendors; it makes it possible to have the same operational recovery and local recovery system on each cloud platform.
- Full disaster recovery so that if something were to happen, if that first cloud or on- premises data center went down, an agency would be able to bring that system up into another cloud environment or to an on-premises environment.
Modernize backup systems to safeguard federal data
“It all comes down to one very important feature, resiliency,” says Cerjan. “Regardless of where your apps and your data reside, you have to have complete capabilities to access that data regardless of the outage or where that outage may reside.”
In a recent Veritas Technology Databerg Report, the company found that 52% of the average agency’s data is dark, and 33% is either redundant, obsolete or trivial. That means that only about 15% of the agency’s data is relevant, Levine says.
“Having a good data stewardship improves the security posture so the agency less vulnerable,” he says.
To keep up with ransomware incidents, check out StateScoop’s interactive map Ransomware Map.
Listen to the podcast for the full conversation on protecting teleworkers and federal data from ransomware. You can hear more coverage of “IT Security in Government” on our FedScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.
Dave Cerjan has nearly 30 years of experience in IT. Prior to working with Veritas, he has served in leadership roles at Cisco, Adobe and Oracle.
Mike Malaret has extensive experience leading business and technical operations. In his current role, he advises U.S. Department of Defense and Intelligence Community agencies.
Barry Levine has more than 25 years of technology experience working with federal civilian and healthcare agencies.
These have been underwritten by Veritas Technologies and Carahsoft.