AI and deepfake attacks: Three steps to a cyber recovery plan

According to the Flashpoint 2024 Global Threat Intelligence Report, hackers stole an almost unbelievable amount of information in 2023 alone: 17 billion pieces of personal data were compromised. This is four times more than in the previous year and affects millions of people.

The impact of identity theft, financial fraud and other large-scale data breaches on victims’ lives is profound.

The alarming increase in cases of fraud in all sectors can be attributed in particular to the weakness of the defense mechanisms in many companies. This is due to outdated protection measures and the need to improve the basics of data protection. Veritas Technologies shows how a solid cyber recovery plan leads step by step to better protection of personal information and sensitive company data.

Advanced security risks

Cyber threats are becoming increasingly complex and sophisticated. The days when attackers used simple malware or phishing campaigns are over. Attacks have evolved and reached a new level of danger. Today, cybercriminals use advanced techniques that are often supported by sophisticated networks with considerable financial resources. This gives them access to innovative tactics such as deepfake technology and AI-powered social engineering attacks, to name but a few.

These new methods often allow attackers to bypass conventional security measures and gain access to login credentials. According to IBM’s Data Breach Action Guide, it takes an average of 277 days for a breach to be detected and contained: 207 days for detection and 70 days for containment. This means that cyber criminals can choose the most promising target during this time to take company data hostage.

Step by step to more security

Companies must act now and prepare for the latest cyber attacks and methods. The following checklist will help you to increase your resistance to cyberattacks, among other things. It also provides an overview to equip cyber security, compliance and data protection teams with structured approaches. This also makes recovery plans easier to implement and test regularly.

Step 1: create a solid foundation

Any good strategy for recovering data from the Internet needs a solid foundation. These include:

1. … the creation of protection plans and the application of proper security controls and retention policies tailored to the organization’s requirements;
2. … the creation of immutable backups: Immutable Storage ensures that backup data remains intact when it is needed most;
3. … the introduction of a “3, 2, 1” backup: three copies should be stored on two different media, with one copy stored externally or in isolation.

Step 2: manage the risk

In phase 2, the focus shifts to the teams. This includes the employees themselves, processes and technologies that support the company’s security infrastructure. Proactive risk management includes:

1. … the regular performance of dark data and risk assessments,
2. … the identification and classification of sensitive data,
3. … setting up an isolated recovery environment to restore data and verify that all malware has been removed,
4. … ensuring that all these plans are documented in runbooks that correspond to the priorities of the company’s business applications.

Step 3: Check and improve the plan regularly

The most comprehensive part of the cyber security strategy is to continuously review, refine and improve it. Because data security is not a one-off task. Companies should:

1. … test their incident response and recovery plans in a controlled environment. This is done through regular recovery exercises and simulations;
2. … use tabletop exercises and red teaming to gain valuable insights into how well current strategies are working;
3. … strengthen the teams’ muscle memory and ensure that they can react quickly and in a coordinated manner to real incidents.

“With a concrete checklist, companies can turn the overwhelming task of cyber disaster recovery into clear and proactive planning. This provides their employees with clear measures and processes. It can also transform the seemingly huge task of cyber security into a structured, manageable and dynamic process,” explains Ralf Baumann, Country Manager at Veritas Technologies. “By creating a solid foundation and managing risks, companies can fend off current threats and anticipate and minimize future dangers in good time. The cyber disaster recovery checklist thus becomes a powerful tool for mastering the digital age securely and resiliently.”

(pd/Veritas)