What enlightenment does it consulting giant Accenture get from the blackmail attack?

In recent days, , The global IT Consulting giant wealth 500 Accenture, a strong company, has encountered LockBit Extortion software network attacks by extortion software organizations . A group called LockBit 2.0 The blackmail software organization claims to have stolen... From Accenture 6TB The data of , And demand payment of 5000 A ransom of ten thousand dollars .

Accenture issued an email statement after the attack , It said that it had controlled and isolated the affected servers immediately after the incident , And completely recovered the affected system from the backup . And the latest news shows , Accenture did not pay the ransom , Blackmail organizations have released stolen data , However, no sensitive information of Accenture has been found in it for the time being .

From the experience of Accenture this time , It's not hard to see. , The significance of a perfect system backup scheme in combating blackmail virus attacks . in fact , Complete system backup and sufficient risk detection , It is also recognized as the first line of defense against blackmail virus in the industry .

When the backup system is perfect , The enterprise can recover the system in the shortest time . Considering the powerful destructive power of blackmail virus , Enterprises should try their best to make full system backup , It is usually possible to follow 3-2-1 To implement backup , That is, important data needs 3 Full file backup , One original plus two copies ; Store files on tape 、 Compact disc 、 Cloud storage on at least two different media ; Keep a file in a different place .

Except backup system , In terms of risk detection , The enterprise needs to manage the vulnerability of service components 、 Baseline inspection, etc , To proactively identify potential vulnerability risks , Build a security line , And realize active defense through virus checking and killing engine . But these jobs often require a lot of team and money , It will cause great pressure to some small and medium-sized enterprises .

With the development of cloud computing technology , Cloud has become the best solution for enterprises to ensure business development while taking into account security construction , Many practices have proved that the host system on the cloud can naturally resist the destruction of extortion viruses , One of the important reasons is Cloud service providers provide customers with relatively complete backup solutions , So that the injured users can recover their business at a relatively low cost ; and , Cloud service providers often have professional security teams 7*24 Hourly monitoring of cloud attack activities , It can often be handled in the initial stage of the attack , Thus, the probability of catastrophic events such as system failure is greatly reduced .

Take Tencent cloud for example , Before the blackmail virus attack , Through the coordination of Tencent basic security products, risk detection and full backup can be realized in parallel , Help customers to nip in the bud . The specific term , For public cloud users , Tencent security can provide the following security product combinations , Help users realize perfect data backup and risk detection ：

1. Cloud drive CBS： To provide for CVM Persistent data block level storage service for ;

2. Secure hosting services ： Provide security assessment services , To discover and fix network vulnerabilities ;

3. Host security ： Provide baseline detection and vulnerability detection and repair services ;

4. Vulnerability scanning service ： Network asset security vulnerability scanning and repair service .

And for using Private cloud 、 A hybrid cloud For government and enterprise organizations in complex network environment , Need to cover a complete security defense system from cloud to end , The protection work is relatively more complicated . The following products can be flexibly combined and deployed according to their own business needs , Achieve effective prior prevention ：

1. Tencent security operation center （SOC）： Coordinate and manage existing safety protection products and teams , Provide decision reference ;

2. Tencent advanced threat detection system (NTA）： Bypass flow analysis detection , Real time warning of hacker attacks ;

3. Tencent zero trust iOA： Ensure trusted access to enterprise resources and reduce the risk of enterprise data leakage ;

4. Tencent network intrusion prevention system （NIPS）： Real time linkage with other security products blocks all attack connections .

Blackmail virus has been highly concerned by the industry because of its powerful destructive power , But in essence, extortion is only a form of realization after the virus invades and obtains the core data of the enterprise , Blackmail attacks facing the industry , In general, all virus intrusion methods have been included , If an enterprise cannot defend against blackmail attacks , Also can not resist other network attacks . therefore , The defense against blackmail virus should start from the infrastructure of enterprise network security , In the process of enterprise information construction , Back up the data 、 Vulnerability management 、 Patch update 、 Regular safety training for employees shall be listed in the important agenda , It is always better to nip in the bud than to make amends after a while .