When will you be attacked?

The Superior Court of Los Angeles closed for a day. Alcohol sales were disrupted in Sweden. Services for 500,000 customers of a credit union were interrupted. 200 cancer operations in London had to be postponed… If you just take the last few weeks of July, you can see how deeply impactful a ransomware attack can be.

Cybersecurity threats are evolving very quickly, in a very heated international context. They are no longer confined to targeting critical infrastructure, but are now actively exploiting vulnerabilities in previously less-considered targets, such as small and medium-sized businesses and local authorities. These entities are often more susceptible to attacks due to limited resources dedicated to cybersecurity. Even if robust protection systems are in place, no one is entirely safe from a ransomware attack suddenly blocking all operations.

Therefore, the question is no longer whether you will fall victim to an attack, but when. That is why it is vital to implement all the security measures needed to get your business back up and running as quickly as possible.

Recognizing this critical need, the NIS2 directive prioritizes business continuity. As early as the third measure, it highlights the importance of implementing backup and disaster recovery solutions.

NIS2 – Network and Information Security Directive – why most businesses are affected

The extension of the first NIS directive is known as NIS2. It expands the NIS scope to encompass a larger number of operators providing important services to any country in the EU. This will bring a significant increase in the number of companies required to comply with the original directive’s cybersecurity measures. This new version will enable member states to strengthen cybersecurity, which was initially focused on critical operators, by moving to mass cybersecurity on a broader scale.

In France, 18 business sectors are targeted, potentially affecting more than 15,000 companies:

  • Highly critical sectors: energy, transport, banking, financial market infrastructures, health, drinking water and wastewater, digital infrastructure, public administrations, space, etc.
  • Critical sectors: postal services, waste management, chemicals, foodstuffs, manufacturing, digital suppliers, research, etc.

How can you protect yourself?

Backup is used in 78% of attacks to recover data and resume activity. The recommendations of ANSSI (French National Agency for Information Systems Security) for data backup strategies are:

  1. Protect access to the backup system.
  2. Multiply copies by applying the 3-2-1 rule: 3 copies of your data, 2 different media, 1 off-site copy.
  3. Outsource at least one copy.
  4. Encrypt backups.

How can you protect yourself even better?

Today’s attackers have clearly understood that data backup remains the last bastion to be conquered. 94% of organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack. In addition, there is a growing number of security alerts concerning the main software publishers.

So you need to build several ramparts, layered like an onion, by diversifying the technologies used for backup to reduce the attack surface without compromising the ability to restart your business quickly.

My advice: back up your backups! Your disaster recovery plan should:

  1. Concentrate on your vital data and reinforce their protection.
  2. Implement an immutable, end-to-end encrypted solution.
  3. Automate the replication of your backups by using a second backup solution.
  4. Implement two-factor authentication for your backup system.
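The ANSSI recommendations and the disaster recovery checklist above can be checked mechanically against a backup inventory. The following is an added example, not code from ANSSI or from any product named on this page; the `Copy` fields, the rule labels and both sample inventories are constructed, and it assumes the production data counts as one of the three copies.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Copy:
    kind: str                 # "production" or "backup"
    medium: str               # e.g. "disk", "tape", "object-storage"
    site: str                 # location label
    product: str              # software that wrote the copy (hypothetical names)
    encrypted: bool = False
    immutable: bool = False   # e.g. stored under an object-lock retention
    mfa: bool = False         # admin access requires two-factor authentication

def audit(copies):
    """Return the unmet rules for one dataset; an empty list means all checks passed."""
    backups = [c for c in copies if c.kind == "backup"]
    home = {c.site for c in copies if c.kind == "production"}
    findings = []
    if len(copies) < 3:
        findings.append("3-2-1: fewer than 3 copies")
    if len({c.medium for c in copies}) < 2:
        findings.append("3-2-1: fewer than 2 media")
    if not any(c.site not in home for c in backups):
        findings.append("3-2-1: no off-site backup")
    if not all(c.encrypted for c in backups):
        findings.append("unencrypted backup")
    if not any(c.immutable for c in backups):
        findings.append("no immutable backup")
    if len({c.product for c in backups}) < 2:
        findings.append("single backup solution")
    if not all(c.mfa for c in backups):
        findings.append("backup access without two-factor authentication")
    return findings

# Constructed inventory: one encrypted backup on the same disk tier and site.
WEAK = [
    Copy("production", "disk", "paris", "app"),
    Copy("backup", "disk", "paris", "backup-a", encrypted=True),
]
# Constructed inventory: two backup products, two media, one copy off-site.
HARDENED = [
    Copy("production", "disk", "paris", "app"),
    Copy("backup", "object-storage", "paris", "backup-a", True, True, True),
    Copy("backup", "tape", "lyon", "backup-b", True, False, True),
]

if __name__ == "__main__":
    for name, inventory in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(inventory) or "all checks passed")
```
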

How can data confidentiality be guaranteed?

Achieving true control and confidentiality over your data goes beyond just backups. In its latest overview of the cyberthreat in 2023, ANSSI states: “Once again this year, strategic and industrial espionage is the threat that has most mobilized ANSSI teams”. Significant resources – human, financial and technical – are dedicated by both state and private actors to acquiring strategic, industrial and other sensitive information.

Cyberattacks targeting the European Union are indeed also motivated by industrial espionage. It is therefore important to reduce the risk of foreign interference, such as through:

  • American extraterritorial legislation (Cloud Act, FISA) granting US authorities access to data stored by US companies, even when that data originates from foreign sources, for law enforcement purposes.
  • Backdoors built into foreign software or hardware for unauthorized access.
  • Malicious code designed to steal data.

Controlling cybersecurity requires a sovereign approach by choosing a trusted solution with national governance.

The latest sovereign data backup and recovery solution

Faced with this need, three organizations specializing in sovereign data solutions have joined forces to offer a secure backup solution, called HexaCrypta, that safeguards vital data. The three players are:

  • Atempo: the French publisher of the Tina backup software
  • Scality: a French leader in S3 object storage solutions, with its ARTESCA and RING offerings
  • Eviden: the French manufacturer of BullSequana servers, assembled in Angers.

HexaCrypta meets the key requirements for data protection:

  • Immutability: secure backups by activating S3’s Object Lock
  • Flexibility: a solution adapted to all your needs, whether they are modest or substantial
  • Cost predictability: the solution can be upgraded simply by adding nodes (i.e., Scale-Out mode)
  • Performance: highly efficient restoration capacity (> 80 TB/h)
  • Sovereignty: three French companies involved in French Tech and HEXATRUST

With the right strategies and tools, NIS2 gives you the guidance to set a new standard for cybersecurity preparedness and data backup across Europe. By prioritizing business continuity and data sovereignty, you hold the winning cards. This way, the question will no longer be if or when you will be attacked, but how well you will be prepared.