Making Remote Work Secure: Acronis

The COVID-19 pandemic has altered the cybersecurity threat landscape dramatically, emphasizing a number of security and privacy vulnerabilities related to remote work activities, such as remote access to internal business computers, virtual conferencing, and employee information security training.

Attacking home users is easier for hackers since they are often less safe in comparison to  their workplace, where security protocols and precautions are implemented (to at least some extent). These remote workers must nevertheless connect to numerous servers and access and generate private, sensitive data from their less-secure home office setting in order to conduct their tasks.

At home, the possibility of losing crucial data or being hacked is substantially higher. As a result, every remote worker should be ready to protect his or her remote workstation.

Hence, let’s review some important details on secure remote work and top tips to stay protected from cyberattacks.

Remote Workers are Under Attack: Statistics 

In June and July 2020, Acronis conducted a survey of 3,400 companies and remote workers from around the world about the dangers, obstacles, and trends they’ve seen since transitioning to remote work. The findings are concerning. Based on that Acronis Cyber Readiness Report, the following are some of the most important findings related to remote work security: 

  • Almost half of all IT managers reported difficulty instructing and securing remote workers.
  • Cybercriminals target 31% of international companies at least once per day. Phishing attempts, DDoS attacks, and videoconferencing cyberattacks were among the most common types of attacks.
  • To complete the transition to remote work, 92% of global institutions had to adjust to new technologies. Consequently, 72% of global agencies saw a boost in IT costs during the pandemic.
  • Because agencies aren’t focusing on improving defensive capabilities correctly, successful attacks continue to be common, despite rising technology spending.
  • During the pandemic, 39% of all businesses reported video conferencing attacks.

MSPs are a Target for Cybercriminals

Because managed service providers (MSPs) serve a large number of small and medium-sized enterprises, many MSPs have been victims of cyberattacks. The idea is simple: rather than compromising 100 individual organizations, hackers only need to breach one MSP in order to have access to 100 clients. 

Cybercriminals gained access to MSP management tools and, subsequently, their clients’ PCs, through exploiting weaknesses, the absence of two-factor authentication (2FA), and spamming.

Simple Backup and Security are No Longer Sufficient

Let’s take a look at an an example of one of the recent malware, Conti Ransomware: 

  • The average demand for this malware is under $100,000
  • It mainly uses Windows Restart Manager to close any open or unsaved files before encryption
  • It includes more than 250 string decryption routines and about 150 services to be terminated
  • It undertakes fast file encryption in 32 simultaneous threads using Windows I/O Completion Ports
  • It follows the trend and recently has launched the ‘Conti.News’ data leak site

Furthermore, the ransomware discards shadow copies of files and dynamically resizes shadow storage for drives from C: to H:, which may cause shadow copies to vanish as well. It also disables SQL, antivirus, and cybersecurity services, as well as backup solutions like BackupExec and Veeam. It also tries to kill the Acronis Cyber Protect solution, but our self-protection technology prevents it. There are around 150 services on the list, including:

Netwalker ransomware, which was detected in the wild in August 2019, is another instance. It uses the RaaS model and is aimed at both businesses and individuals. They have managed to extort around $25 million since March 2020.

Netwalker, like many other ransomware variants, erases the files’ Windows shadow copies.

In an effort to stop restoration, Netwalker additionally tries to disable backup services that start with the following strings:

Acronis’ Tips for Staying Secure in Today’s and Future Threats

Cyberattacks, data breaches, and ransomware outbreaks all demonstrate that cybersecurity is failing. This failure is the product of faulty technology and human errors brought about by sophisticated social engineering. It frequently takes hours or days to restore systems (including data) to a functional condition when a backup solution was working well and wasn’t compromised. 

An effective backup system is necessary in the event that cybersecurity solutions fail, however, backup solutions can be hacked, deactivated, or function slowly, causing organizations to lose a significant amount of money due to downtime.

Introducing Acronis Cyber Protection for Remote Workers

To address these issues, we offer Acronis Cyber Protect, an integrated cyber protection solution that integrates anti-malware, vulnerability assessment, patch management, RMM, and backup features into a single agent that runs on a variety of Windows operating systems. Organizations can protect themselves against modern cyber threats while recovering their data and systems faster than with any other solution by combining data protection and next-generation cybersecurity capabilities, such as AI-based behavioural detection that stops zero-day attacks, URL filtering, and vulnerability assessments, videoconferencing protection, and automated patch management.

This integration allows you to retain peak performance, avoid compatibility difficulties, and recover quickly. If a threat is overlooked or recognized while your data is being edited, the agent will restore your data from backup as soon as possible.

An anti-malware agent cannot perform this type of automated recovery. Although your anti-malware technology may have eliminated the danger, some data may have already been destroyed. A backup agent will be unaware of it, and data will be restored slowly, if at all.

Undoubtedly, Acronis Cyber Protect Cloud seeks to eliminate the need for data recovery by finding and preventing threats before they can impact your environment. Our increased, multilayered cybersecurity capability allows us to attain this level of protection.

About Acronis

 Acronis integrates data protection and cybersecurity to give comprehensive, automatic cyber protection that addresses the new digital world’s concerns of security, availability, transparency, authenticity, and security. With revolutionary next-generation antivirus, backup, recovery plans, and endpoint security managed services that match the needs of service providers and IT professionals, Acronis provides excellent cyber defence for data, processes, and systems. Acronis secures any environment – from cloud to hybrid to on-premises – at a low and predictable cost, thanks to award-winning AI-based anti-malware and blockchain-based data authentication solutions.