Using generative AI’s writing capabilities, cyberattackers, including those looking to launch ransomware, can now strike faster with better accuracy, as the spelling errors and grammar issues in phishing emails are more easily eliminated, making attacks more evasive and convincing.
With these changes, the skill required to start a ransomware attack could be reduced to constructing a malicious AI prompt and having access to ransomware-as-a-service tools, leading to a whole new wave of attacks. Here are some tips on how to be prepared for these attacks.
1. The main attack surfaces for the backup solution are the UI and the storage, you should:
- Segment and isolate backup systems.
- Use stronger multifactor authentication (MFA) mechanisms.
- Move to Zero-Trust-based authentication with passwordless capabilities.
- Use encryption and do not use shared storage with any other workload
2. If backup policies and recovery process documentation are exposed, attackers will use them against the victims to make sure that recovery is impossible without paying the ransom.
- Protect the policies and documentation with encryption and only allow privileged access.
- Keep your policies and disaster recovery process documentation in another formfactor.
3. Separate your storage from your admin’s typical operational environment. Cloud is the best option in this case, but you must consider the fact that the internet gets congested, and disaster recovery runs will not be fast. Other ways to secure your backups:
- Use Zero Trust for access to your backup solution
- Reduce access using role-based access control
- Avoid “network sharing” for your backup environment
4. Don’t forget about secure backup for data stored in the cloud. Essential data assets that require continuous data classification, access control, and strategy for true data protection.
AI is a tool that can be used for good and evil. Don’t let your company get attacked with AI. Contact us at Access Tech where we can help secure your business and protect your data.