Computers are involved in nearly every aspect of pro audio, from production to delivery, and so is the internet. What’s more, many of us have web sites for promotion, education or to connect with clients. What do these things have in common? The data we generate, which is often stored, transferred or downloaded using the internet. Unfortunately, the internet was never developed with security in mind.
The stats are frightening: According to the Cisco 2017 Annual Cybersecurity Report, ransomware is growing at a yearly rate of 350 percent. More statistics: 4,000 ransomware attacks occur every day, one in every 131 emails contains malware, 81 percent of cyberattacks are based on weak or stolen passwords, and over 40 percent of cybercrime attacks target small businesses (it’s not just hospitals and local governments). Whether you know it or not, you’re in the crosshairs of at least a few cybercriminals—and they can bring your studio, post-production suite or web site to its knees with just one click.
There are two main safeguards. The first is being able to reconstruct your system so you don’t have to pay ransom in case of an attack. The second is preventing an attack in the first place.
Safeguarding Your Data: Backing up data has always mattered because data storage devices—whether hard drives, SSDs or even online servers—can and will fail. Drive imaging programs and backup storage are an essential line of data defense.
That said, having storage on your network and backing up periodically is no longer sufficient. Today’s ransomware may be able to infect everything on your network, including backup storage devices, so that when you try to restore your data, you can’t.
Cloud storage is one solution, but be careful with storage that syncs automatically to your computer, as it may incorporate the infection in your backup as soon as it syncs. Consider cloud storage as vulnerable unless you can turn off synching, and have made sure the data you’re backing up isn’t corrupted.
With network storage, you need more than one backup. If you do a complete backup every week, for example, keep several weeks’ worth of backups (on different media) in case the most recent backup was compromised. Also, back up with the computer offline, and physically disconnect the network’s backup storage media before going back online.
Another option is read-only optical storage media. I use Blu-ray discs for archival storage. They’re immune to tampering, more robust than DVD-ROMs, and hold lots of data (about 46 GB for dual-layer discs and over 100 GB for BDXL discs). For static data like sample libraries, Blu-ray discs can remain connected to your network at all times, with no worries they’ll be modified.
An Ounce of Prevention: Of course, it’s best to head off attacks before they hit your computer. You’ve heard these warnings before, but they bear repeating.
Keep Your OS and Security Software Updated: If you’ve patched a Windows or Mac machine lately, you’ll have noticed that many of the updates are about security. Granted, many people believe that “if it ain’t broke, don’t fix it,” and are reluctant to update a system that’s working. Updates can cause problems and be disruptive, but they’re not as disruptive as ransomware or viruses. Besides, you can use Time Machine on a Mac or System Restore on Windows to roll back any problematic updates until fixes are available. Your browser and operating system also offer various security options—use them.
Passwords Matter: Never use the same password for multiple sites because if cybercriminals can get into one site, the others become accessible. Some security experts recommend “passphrases” (i.e., long phrases) instead of passwords. Update your passwords at least monthly, especially for sites that supply work-critical services such as DAW updates. If keeping track of all of those passwords is too daunting, use a password manager—there are several free, effective choices (e.g., LastPass Free).
Scrutinize Attachment Names: You probably know not to download any attachment you don’t recognize, but also don’t click on any links in emails unless you know they’re legit, and watch for fake filenames. For example, if you’re expecting a file from CRAIG, don’t fall for one from CRAlG (lowercase L instead of capital I).
I hope you won’t be targeted with an attack, but the odds are increasing that you will be. You lock your studio’s door; lock your computer as well.
For more articles, information, and free downloads, visit craiganderton.org … and yes, it’s an SSL-secured web site.