Increasing Operational Efficiency With Kasten K10 V6.0

Image
We are excited to announce the release of Kasten K10 version 6.0, the latest and most advanced version of our industry-leading platform that provides enterprise-grade Kubernetes data protection and application mobility. This release helps customers scale their cloud native data protection efficiently. Kubernetes deployments are growing at an unprecedented rate. Gartner predicts that by 2027, more than 90% of global organizations will be running containerized applications in production. However, today’s market conditions are scarred with financial uncertainty and a shortage of cloud native skills. Therefore, you must ensure operational efficiencies are in place to unleash the full potential of your cloud native environments while protecting your data. Additionally, security remains an imperative as organizations focus on keeping their businesses running. With this release, we also continue to innovate in this growing ecosystem, so that you can take advantage of the best-of-breed inn...

Never waste a good crisis: how to handle a ransomware attack

At VNOG, we provide essential fire-fighting services and assistance in the event of accidents, disasters and crises to the 870,000 citizens of North and East Gelderland in the Netherlands. In this blog post, I’ll tell the story of my most memorable day as VNOG’s Chief Information Security Officer (CISO).

Introduction: the life of a CISO

My journey to the CISO’s office wasn’t a straight line. I started out as an electrical engineer when I responded to a newspaper ad. I ended up entering the world of IT around the turn of the millennium, where I eventually specialized in networking infrastructure. Soon, I found myself fascinated by the cat and mouse game going on between hackers and cyber-security specialists. Attacks — I learned — are inevitable, which means cyber-resilience is crucial. I decided to take on the challenge of becoming a CISO, which means responsibility for information security for the entire VNOG organization comes down to me.

The ransomware attack: never waste a good crisis

My most memorable day at VNOG started peacefully. It was a Saturday in September 2020, and I was on a fishing trip with my son. The tranquility was shattered by the buzzing of my phone — the call every CISO dreads. An employee suspected a security breach. I asked if he could reach our backups. When he answered ‘yes’, I instructed him to disconnect the backup enviro

environment immediately. That decision would turn out to be pivotal.

Shortly after, we received the ransomware demand; our security had definitely been breached. To contain the attack, we literally pulled the plugs on network connectivity for the organization. Control room processes stayed up and running, but they were isolated from the compromised part of our IT environment.

My motto is: ‘never waste a good crisis’. If there’s any organization that’s used to keeping a cool head in an emergency, it’s VNOG. We initiated a two-pronged response: recover from the crisis situation to normal operation and kick off a forensic analysis of the attack.

Fortunately, we could restore using our backup infrastructure, which had been insulated from the attackers when we made the preemptive decision to disconnect it. Unluckily, it was an old, slow server that wasn’t designed for restore jobs. I decided to look for support from data protection experts.

At 11:15 p.m. that night, I found the Veeam Benelux contact using a search engine and gave him a call. To my surprise, he picked up! He explained that Veeam partner it2grow would be best placed to help us. Before I could phone them, they called me, and a great relationship was born.

Since our email systems were still down, I ended up purchasing Veeam using my personal email address, which raised a few eyebrows. It took us a few weeks to recover fully from the attack, but it could have been so much worse.

We also took the opportunity to redesign our cyber-security policy and the underlying toolset, with help from Veeam technology and it2grow expertise. Today, the 3-2-1-1-0 Rule is in force at VNOG, so we retain at least three copies of data, two of which are stored on different media, and one immutable copy in a remote location. We can also restore with zero faults. If the worst should happen (again!), we know we’re in a much stronger position to emerge unscathed thanks to Veeam.

Conclusion: Overreact and ask for help!

I learned a few lessons the day my fishing trip was interrupted. Always trust your instincts. It’s better to overreact than underreact. And the ability to restore data is just as important as the ability to back it up. Most importantly: never be afraid to ask for help — even if you’re not a Veeam customer quite yet!

For more advice on how your company can recover fast after a ransomware attack, read Veeam’s dedicated whitepaper: 6 Capabilities You Need for Rapid Recovery.

 

The post Never waste a good crisis: how to handle a ransomware attack appeared first on Veeam Software Official Blog.



Original post here: Never waste a good crisis: how to handle a ransomware attack

Comments

Popular posts from this blog

How to use a SOBR with Veeam Backup & Replication

How To Migrate a Veeam Backup & Replication Configuration Database to PostgreSQL

Use Snapshots to backup SMB File Shares on your NetApp ONTAP system