The most critical means of maintaining service continuity is to protect an organisation’s backups before anything else. Failing to recognise that cyber-criminals see backups as the Achilles heel of any company, whether large, medium or small, could lead to a significant amount of downtime and lost, irreplaceable data, rendering any organisation null and void.
An article in Hacker News, published on 17th June 2025, ‘Backups Are Under Attack: How to Protect Your Backups’, states: “Ransomware has become a highly coordinated and pervasive threat, and traditional defences are increasingly struggling to neutralise it.”
“Today's ransomware attacks initially target your last line of defence — your backup infrastructure. Before locking up your production environment, cyber-criminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.”
The UK’s National Security Cyber Centre adds: “Backups are an essential part of an organisation’s response and recovery process. Making regular backups is the most effective way to recover from a destructive ransomware attack, where an attacker’s aim is to destroy or erase a victim’s data.”
Early-stage attacks
The Centre says that attacks on backups and network infrastructure quite often occur during the early stages of a destructive ransomware attack. To make it impossible to recover from an attack, cyber-criminals delete or destroy data to increase the threat and the likelihood of a ransom being paid out to them. Stored data that’s connected to a network – including the public internet or to the cloud – is therefore potentially under significant threat from ransomware actors.
To prevent this from happening, measures have to be put in place to make it impossible for attackers to reach the data in the first place. The primary method of protecting data – whether it is stored on tape or disk – is to create one or more airgaps. Airgaps disconnect the data from any public network, reducing the likelihood of any threat actor being able to access, steal, hold captive or delete the data. However, data can be stored on an internal, secured local area network as part of an air-gapping strategy.
Nevertheless, there will be occasions when the data must be recovered or migrated to different sites that might be located thousands of miles away. This might be to support disaster recovery, or to simply have duplicate copies of the data on other servers in other datacentres or disaster recovery sites around the world.
Man with a van
If the data is stored on tape or disk, transportation could be done using a ‘man with a van’ approach, but that would take time and the vehicle could end up being stolen. The most obvious way to transport data would be to use a Wide Area Network (WAN) – including the internet – or to host it in the cloud.
When data is hosted in the cloud, it can be accessed from multiple points if the right permissions are given to access it. However, for the most sensitive data, this approach can be highly risky. As soon as the data is connected to a public network, it becomes a potential target and vulnerable to attack.
Network latency and packet loss could also make the task of transmitting 100 Gb/s of data difficult to achieve. They can make a network sluggish and reduce bandwidth utilisation. SD-WANs and WAN Optimisation are great technologies, but they won’t necessarily improve network and data performance, because latency can only be mitigated and not resolved.
Mitigating latency
So how can you mitigate latency? Well, increasing the bandwidth of your pipes won’t make much difference. WAN Optimisation can’t handle encrypted data, and in terms of its performance, it doesn’t live up to what its vendors claim. SD-WANs also benefit from a WAN Acceleration overlay in the pursuit of high network performance, and faster data transfer speeds. They, too, are a great technology, but they often need a boost.
What organisations need today is the ability to use artificial intelligence, machine learning and data parallelisation to mitigate latency and packet loss – in other words, WAN Acceleration. It permits encrypted data to be sent and received at a rate that’s up to 200 times faster than standard WAN connections – including WAN Optimisation. That not only saves time and money but also makes backup data that is being transferred from one location to another harder for cyber-criminals to divert and to unlock.
This includes encrypted data that is stored offline on tape and disk, which may be required elsewhere temporarily. This means that when an airgap has to be bridged to expedite the data elsewhere, it has to be done securely and then, when the data is at rest, the airgap can be reinstated by ensuring that the data is disconnected from any public network.
Airgaps can be attacked
Sead Fadilpašić, writing for TechRadar, nevertheless warns that even airgaps can be attacked. In his October 2024 article, ‘European government systems hit by air-gap malware attack’, he points out: “Hackers have managed to steal sensitive information from air-gapped systems belonging to different European governments on at least three separate occasions, experts have warned.”
So, if the data is air-gapped, how can cyber-criminals still get access to it to deliver malware? Well, a threat actor such as GoldenJackal, which targets governments in Europe and Asia, uses infected USB drives to deliver and launch malware, such as GoldenDealer and GoldenAce. The malware is launched as soon as the USB drive is plugged into the server that stores the air-gapped data. It then self-replicates and mixes with other malware to cause havoc.
Some malware that is used in this kind of attack copies documents, images, encryption keys and OpenVPN configuration files, as well as other sensitive data. When the USB drive is reconnected to an internet-enabled device, it sends the data to a C2 server. Therefore, WAN Acceleration is only one part of the strategy in ensuring that air-gapped data is safe. Other measures – including employee screening – and policies about USB drive use also need to be put in place to keep data secure.
Comprehensive strategies
To summarise, cyber-security strategies should be comprehensive to prevent any kind of cyber-security attack from exploiting any kind of vulnerability. It’s therefore vital to consider all possibilities. While airgaps go some way towards protecting data, that data also needs to be securely replicated and stored elsewhere so that it can be available – even if disruption is caused by malware being launched from a USB drive.
Nevertheless, air-gapped data needs WAN Acceleration whenever data needs to be sent to and recovered from disaster recovery sites at speed without being impeded by latency, packet loss or poor bandwidth utilisation. This is particularly crucial in banking and finance, defence, healthcare and in other key sectors where data is of the utmost importance and sensitivity.