"'3-2-1 Golden Rule' Secure Backup Prevents Ransomware Damage" [Concealment 12]

Even if a company is attacked by hackers, there is a way to restore its information to its original state. The most reliable method is 'secure backup.' Kim Seungjoo, a professor at Korea University's Graduate School of Information Security, said, "The only solution to ransomware is secure backup," and added, "The smaller the company, the less frequently they can back up and the harder it is to implement secure backup, which increases the risk of hacking."

Secure backup refers to storing copies of company data in storage spaces that are separated from the company servers and protected by locking technologies. These systems are also equipped with real-time anomaly detection features, which can sometimes detect an intrusion before a hacker gains access. Typically, small and medium-sized enterprises lack sufficient IT personnel, making it difficult to build such backup systems on their own. Instead, they usually subscribe to security companies' services and use servers or storage in cloud environments that are not connected to the company network for backup. This is fundamentally different from ordinary backup, which simply copies files. With only ordinary backup, hackers can delete backup copies entirely or encrypt them along with other files.

A chemical plant in a provincial area relied solely on backup using a network attached storage (NAS) system and fell victim to ransomware without any defense in early 2024. The company's CEO had heard about the importance of backup from an acquaintance and invested 10 million won to set up the NAS system. However, he overlooked the fact that the NAS was always connected to employees' computers. As a result, when a hacker infiltrated an employee's computer, the files on the NAS were also encrypted. The CEO said, "It was frustrating to be hacked even after spending money on backup," and added, "After the incident, I was able to establish a proper backup strategy through consultations with a security company."

Choi Byungun, Chief Privacy Officer (CPO) at a domestic startup, said, "In the security industry, the '3-2-1 rule' based on secure backup is commonly referred to as the golden rule of backup." This means backing up a total of 'three copies of data,' including the original and two copies, on 'two different storage devices,' with 'one copy' stored in a location not connected to the network.

This backup method was first advocated by American photographer Peter Krogh in his 2005 book. It has since been widely adopted in the tech industry and has become an international backup principle for responding to ransomware. Choi said, "Compared to handing over dozens of Bitcoins to hackers, the cost of protecting data connected to the work of all employees is never too high."

The IT manager of a mid-sized company, who had to watch as 300 company computers were infected with ransomware in real time after a new employee mistakenly clicked on an email sent by hackers last year, also took secure backup measures as the first step after the incident. The manager said, "After the hacking incident, we contracted with a security company and now back up three copies of data every day and perform offline backups once a week," adding, "People around me ask if this is really necessary, but if you never want to go through that pain again, this is the safest method."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.