This is part of an ongoing series of posts in which we’ll dive into the complexities and challenges facing modern SaaS platforms. We’ll also look at how we can leverage modern cloud architecture to keep our software safe, secure, and accessible.
In this blog post, Benny Olsson, CTO at Norce, will take a look at how Norce harnesses Azure to secure Norce Commerce against ransomware attacks, and some of the proactive measures and recovery strategies in place.
The threat of ransomware is taking the world by storm. Hardly a week goes by without another report about major corporations or governments falling victim to this menace. When not even organisations like Maersk, Swissport, or the UK National Health Service are spared, it may seem there is little hope for smaller players to stay safe.
Broadly speaking there are two types of ransomware attacks.
There’s the “Script Kiddie” approach, in which an attacker uses a generic attack tool, usually with no consideration for context. These attacks aim for quantity rather than quality; if at first they don’t succeed, they’ll usually move on to the next target.
Then there are the usually well-funded “Targeted Attacks”. These are performed by threat actors who are determined to break into one specific target. They usually play the long game and will find ways into your system that you couldn’t have imagined even on your best day.
The Script Kiddie can usually be mitigated by proactive measures such as threat detection, access management, and data isolation. Set up correctly, these measures will dramatically reduce the likelihood that a generic attack will be successful.
The Targeted Attack, however, is far worse. If you’re the target of a well-funded threat actor who is determined to take out your system, it’s not a question of “if” but “when” they succeed. When that happens, you had better have made sure that your recovery strategy and backups have you covered.
At Norce, we’ve taken this insight to heart and put it into practice by focusing on both proactive measures and having a set of rapid recovery strategies in place.
Leveraging native Azure PaaS services such as Azure Kubernetes Service, Azure SQL Managed Instance, and Azure Cache for Redis means that we never have to worry about whether or not our infrastructure is up to date, or plan self-executed “patch windows”. It also makes worrying about access management, data isolation, and backup management a thing of the past, freeing up much-needed time for our DevSecOps team. Microsoft’s continuous investment in cloud cyber security means that we not only get 24/7 threat detection, but also benefit from all the work their security specialists put into making Azure one of the safest cloud platforms out there.
However, should we be the target of a well-funded and motivated threat actor, and they do succeed in compromising our environment, what then?
As mentioned earlier, backups are managed by Azure and are both access managed and geographically distributed in a way that ensures data integrity in case of an attack.
The step in any recovery process that usually takes a huge amount of time is setting up the infrastructure, i.e. the network, servers, Kubernetes, etc. This is effectively mitigated by using Infrastructure as Code, which is what we’ve done for the entire Norce Commerce Azure infrastructure. Setting up an entirely new Azure environment is therefore an almost 100% automated process with only a few manual steps involved. This greatly reduces the time needed for disaster recovery and guarantees a rapid recovery for both us and our customers.
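To make the two halves of this approach concrete, here is an added example of what such an Infrastructure as Code definition can look like. It is illustrative Terraform written for this post, not Norce’s own code, and every name and address range in it is constructed. It ties together the proactive measures mentioned earlier (access management via managed identities and Azure RBAC, data isolation via a private cluster and no public endpoints on the data services) with the recovery side (geo-redundant, long-retention database backups), so that a compromised environment can be torn down and rebuilt from this file plus a restore. It uses a single Azure SQL Database rather than a Managed Instance, because a Managed Instance needs a delegated subnet, route table and NSG that would roughly triple the file without changing the point; the backup-redundancy setting is the same idea.

```hcl
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.100"
    }
  }
}

provider "azurerm" {
  features {}
}

# Constructed values for the example; none of these are Norce's.
variable "sql_admin_password" {
  type      = string
  sensitive = true # injected from a vault or CI secret, never committed
}

locals {
  prefix   = "example-commerce" # hypothetical naming prefix
  location = "westeurope"
}

resource "azurerm_resource_group" "rg" {
  name     = "${local.prefix}-rg"
  location = local.location
}

# Network isolation: one VNet with a dedicated subnet for the cluster.
resource "azurerm_virtual_network" "vnet" {
  name                = "${local.prefix}-vnet"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  address_space       = ["10.10.0.0/16"]
}

resource "azurerm_subnet" "aks" {
  name                 = "aks"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.10.1.0/24"]
}

# Access management: managed identity and Azure RBAC for Kubernetes, so there
# are no long-lived cluster credentials to steal; API server is private only.
resource "azurerm_kubernetes_cluster" "aks" {
  name                    = "${local.prefix}-aks"
  location                = azurerm_resource_group.rg.location
  resource_group_name     = azurerm_resource_group.rg.name
  dns_prefix              = local.prefix
  private_cluster_enabled = true

  default_node_pool {
    name           = "system"
    node_count     = 3
    vm_size        = "Standard_D4s_v3"
    vnet_subnet_id = azurerm_subnet.aks.id
  }

  identity {
    type = "SystemAssigned"
  }

  azure_active_directory_role_based_access_control {
    managed            = true
    azure_rbac_enabled = true
  }
}

# Data isolation and backup management: no public endpoint, TLS 1.2 minimum,
# geo-redundant backup storage with 35 days of point-in-time restore plus
# long-term retention, so a wiped primary region is still recoverable.
resource "azurerm_mssql_server" "sql" {
  name                          = "${local.prefix}-sql"
  resource_group_name           = azurerm_resource_group.rg.name
  location                      = azurerm_resource_group.rg.location
  version                       = "12.0"
  administrator_login           = "sqladmin"
  administrator_login_password  = var.sql_admin_password
  minimum_tls_version           = "1.2"
  public_network_access_enabled = false
}

resource "azurerm_mssql_database" "commerce" {
  name                 = "commerce"
  server_id            = azurerm_mssql_server.sql.id
  sku_name             = "S1"
  storage_account_type = "Geo" # geo-redundant backup storage

  short_term_retention_policy {
    retention_days = 35
  }

  long_term_retention_policy {
    weekly_retention  = "P12W"
    monthly_retention = "P12M"
    yearly_retention  = "P5Y"
    week_of_year      = 1
  }
}

# Cache: TLS only and no public endpoint; clients reach it over a private
# endpoint inside the VNet (the endpoint resource itself is omitted here).
resource "azurerm_redis_cache" "cache" {
  name                          = "${local.prefix}-redis"
  location                      = azurerm_resource_group.rg.location
  resource_group_name           = azurerm_resource_group.rg.name
  capacity                      = 1
  family                        = "P"
  sku_name                      = "Premium"
  enable_non_ssl_port           = false
  minimum_tls_version           = "1.2"
  public_network_access_enabled = false
}
```

A recovery drill with this file is `terraform apply` into a fresh subscription or resource group followed by a point-in-time or geo-restore of the database into the new server; the value of the exercise is running it regularly and timing it, so that the “few manual steps” are known and documented before they are needed under pressure.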
We’re fortunate in that we haven’t yet had to use any of our strategies in a real-life scenario, but knowing the cyber threat landscape of today, it’s only a matter of time. However, the combination of well-designed disaster recovery strategies, the built-in security features in Azure PaaS services, and Microsoft’s continuous investments in cyber security means that we at Norce feel safe in knowing that we’re both well protected in our day-to-day operations and well prepared in case the worst happens.
As the CTO of a SaaS company, I feel that this is a subject that we as a community aren’t focusing on enough and aren’t discussing as much as we should. Is it a question of protectionism, or are we afraid to expose how ill-prepared we are? I’m not sure, but I firmly believe that we collectively would benefit from a more open discussion and more knowledge sharing.
Do you agree? Reach out and let’s get a discussion going!