Riccio che rappresenta protezione

Data storage in the crosshairs of cyber attacks

According to recent surveys by the Clusit observatory on security, 67% of Italian companies recorded an increase in cyber attack attempts last year and 14% suffered more or less serious consequences from an economic point of view. A situation that is not destined to improve this year by placing the need to keep defenses up and reduce vulnerabilities in the foreground. Starting with the one from networks and systems but without neglecting other weak points.

Among these are the few terabyte NAS storage appliances commonly used for local data backup and support for single offices, corporate branches, shops, and often also in healthcare and video surveillance equipment. In the past year, the DeadBolt ransomware, which followed the previous ones Qlocker and ChOraixe, targeted these drives, creating huge economic damages and dangerous data leaks. If until recently the choice of a NAS storage could have been based on the capacity of the disks, speed, and reliability of the RAID modes, today protections against cyber attacks coming from the network and those directed at the physical device must be put in the foreground.

Protections must be technically solid since, in typical areas of use, small NAS is not installed inside protected data center structures and the presence of a security expert cannot be counted on to monitor alarms and configurations. Missed updates, banal user passwords or passwords still active after the turnover of people, and improper interventions by inexperienced users can leave the door open to the actions of cybercriminals.

While in the past attacks rarely targeted small data archives with no direct economic value, the wave of ransomware attacks showed the spread of the danger and how stolen and often made public data on the dark web have brought discredit to institutions and companies, spreading the damage suffered to users, customers, and suppliers. BinHexS offers comprehensive managed security solutions including antivirus, anti-malware, policy enforcement, monitoring, and access control systems for networked systems. These are added to BinHexS’s consultancy and planning skills in security and business continuity.