When an individual interacts with a government agency, often, a small part of personal data is provided and stored in the system. This indicates that ransomware attacks can jeopardize both internal government data as well as citizen information. The government agencies are in a more precarious position as compared with the private companies, because they are the proprietor of citizen data – from motor vehicle records to photo identification documents.
The overall Indian public cloud services market is expected to reach USD 10.8 billion by 2025, growing at a CAGR of 24.1% from 2020 to 2025, according to IDC. Also, the pandemic helped cultivate cloud capabilities and by extension, SaaS, to become a necessity for government and private industries alike.
Annual cloud spending has been at an all-time high over the last few years, with an unprecedented growth momentum for India at a CAGR of 45% over the last 5 years, as more and more sectors are leveraging cloud capabilities to grow their businesses.
Within APAC, TMT and financial services sectors are heavily investing and rapidly innovating by leveraging cloud services. While we expect a similar momentum in India across these sectors, we also expect a significant positive shift in cloud policies among public sector organisations.
As we evolve in terms of how and where we store personal data, our adversaries adapt in terms of how they target it. And, as more personal information is being stored in the cloud, bad actors are increasingly targeting cloud capabilities.
Cloud-targeted Ransomware attacks
The Office of Personnel Management recently released telework guidance, the recommendation to increase telework access means continued reliance on cloud and SaaS, and the accompanying potential for cloud-targeted ransomware attacks.
It is projected that by 2025, 75% of IT organisations will be hit with at least one ransomware attack. India has been the worst hit by ransomware in the APAC region, with 76% of the organisations have suffered a ransomware attack in 2021, it’s more important than ever that agencies using SaaS and cloud programs back up their data.
A Three-Step Process for Government Agency Resiliency
Cloud and SaaS capabilities will continue to be staples for federal agencies so, how can the government make sure they protect and backup data to prevent ransomware attacks?
For government agencies to effectively protect cloud-hosted data and the associated web-based software, they need to know their opposition, implement a strong backup infrastructure, and deploy processes to deal with the aftermath of an attack.
Ransomware attacks tend to go after remote access methods that are not built in a secure manner, utilize phishing attacks or capitalize on system vulnerabilities. By implementing secure remote access, training employees about phishing and ensuring systems and software are always up-to-date, agencies can take a preventative stance against ransomware.
Because ransomware agents seek to block system access in exchange for payment, the best defence against these attacks is a strong backup infrastructure and data protection system.
Implementing multi-factor authentication for SaaS applications can strengthen data protection because it strengthens accessibility requirements. And, while it goes without saying that data should always be backed up, it’s especially important that cloud-based data backups are stored on devices that aren’t connected to a network.
According to Veeam’s 2021 Cloud Trends Report, more than half of SaaS admins agree that data should be backed up to protect an agency against a cyber event.
And, while many government agencies already utilize data encryption, they should take that practice a step further by encrypting backups for an added layer of protection.
Unfortunately, no matter how well agencies are prepared, ransomware attacks are still likely to occur in the coming years. Therefore, it’s imperative that government is prepared to handle a successful attack and has the necessary processes in place.
To start, government agencies should have an emergency contact list prepared that identifies who and how to contact the necessary IT teams, employees and external resources in security, incident response and identity management.
A prompt response can ensure necessary data is more effectively recovered as well as aid in minimizing the risks related to the data that has been lost. If the data loss impacts citizens and their personally identifiable information, cross-agency collaboration is likely to ensure the appropriate measures are put in place to protect those affected.
After a Ransomware Attack, Rebuild and Start Again
Ideally, government agencies won’t see an increase in ransomware attacks on cloud capabilities even as systems more frequently leverage them because of the uptick in remote work. To remain vigilant, they should know their potential enemies, implement a strong backup infrastructure, and deploy processes to deal with the aftermath of an attack.
(This article is written by Rick Vanover, Senior Director of Product Strategy – Veeam; and Sandeep Bhambure, VP – Veeam Software, India & SAARC. The views expressed in this article are of the authors.)