Keeping ahead of the threat

Malware has become a major threat to business continuity, and hackers’ current favoured tactic of encrypting files and holding them to ransom is a particularly pernicious one.

It is also more common than ever. Indeed, according to one study, ransomware attacks rose by 92.7 per cent in 2021 compared to 2020 levels – and this only counts the attacks that were actually reported.

Brendan Healy, services director at Triangle, said that this growing threat required a new approach to IT security.

“We’ve moved on in our offering in the market. While the market itself hasn’t changed much, we’ve driven onwards.”

Triangle’s approach is to focus on providing a robust early warning system that can spot incoming attacks and neutralise them. This ‘prevention is better than cure’ approach allows businesses to nip threats in the bud rather than discover months after the fact that crucial business data has been rendered inaccessible.

“The last thing you want is having to ring and say, ‘I can’t access this file’,” he said.

Triangle avoids this scenario by deploying proprietary tools within databases that scan, analyse and, most of all, automate processes.

“We build a whole automated flow to protect data and also to automate the recovery. You make a back-up of your file server and it will look for encryption or potential encryption. We take as many feeds as we can and out of that we deliver automation,” he said.

“If something trips an alarm, we immediately take a snapshot of the data and then we can investigate the data, doing this offline, checking if something is a false positive or is it something more serious. If it's the latter we can decide where we want to roll back to,” he said.

Without such an early warning system, businesses can find themselves diligently backing up data every day and week thinking that they are protected but, in reality, still left exposed.

After all, back-ups are what hackers are after.

“The back-up is the first point of attack for most hackers. This reduces your risk period from what could be two months to 24 hours,” Healy said.

As a result of its expertise, Triangle has now become the only Irish Certified Recovery Partner for Dell Technologies, he said.

A new, darker world

Cyber security has never been far from the headlines, and last year’s attacks on a number of Irish higher education institutes and the HSE drove it to the front pages. Today, with war in Ukraine, there is an added instability factor.

The good news is that this at least means people are open to discussing security, said Healy.

“If you look at the events that cause attacks to increase, warfare is one of them. There is absolutely a huge increase in attacks, but there is also slightly increased information about attacks. People are willing to talk about it. That openness helps other people,” he said.

Against that, there has been an exponential increase in attacks, he said.

At the end of the day, security is a process, though, and paralysis caused by analysis is something that needs to be avoided. Instead, attacks should be expected and business data prepared, sorted, protected and backed up with that in mind.

“You can never be 100 per cent secure. It really is about being able to recover. We spend a lot of time with our customers identifying the data that matters. Not every piece of data is equal, so you need first to identify what data you can't run the business without,” Healy said.

Triangle’s services, including hardware and software, are deployed under an operating expenditure model, something Healy said resonates well in the market.

“Otherwise, it can become very capital intensive to get into, whereas if you do it as a service you can flex it up or down.

“It includes everything, there is no capex whatsoever,” he said.