It seems that many governments worldwide are ill-equipped to handle ransomware attacks, being unable to recover data that has been encrypted, stolen or deleted by threat actors.
A recent survey from Arcserve found over a third (36%) of governments do not have a documented disaster recovery plan, and almost a quarter of remote workers do not have any backup or recovery solutions.
What’s more, nearly half (45%) of IT departments within government do not believe it is their responsibility to recover data stored in public clouds, which Arcserve says is mistaken. A third also said that they would require over a day to recover from severe data loss, whilst at the same time a vast majority think that it should take less than a day to restore critical systems.
Patrick Tournoy, Arcserve’s executive VP of operations, said: “Gaps in protecting remote workers and cloud-based apps and data create an ideal hunting ground for bad actors and ransomware, while not having documented and tested recovery plans leave an organization more vulnerable and poorly equipped to recover data.”
Arcserve believes that in order for governments to best protect themselves, they should set up up a disaster recovery plan and ensure it is regularly tested, as well as backup numerous copies of their data to different sites and media, including an immutable storage solution to prevent it from being altered.
Mark Appleton, CCO of ALSO Cloud UK, also commented: “By investing in disaster recovery planning and preparedness, government organizations can help minimize the costs associated with unexpected events and ensure they can continue providing essential services to the public.”
Appleton is of the same opinion that it shouldn’t take over a day to recover from an attack, which indicates the need for improvement with regards to governments’ recovery procedures and testing.
“Implementing regular testing of backup and recovery solutions or investing in cloud-based disaster recovery solutions can help minimize downtime in the event of an attack,” he explained.