Redundancy: the system that can help you against cyberattacks
As cyberattacks continue to increase, it is increasingly urgent to ensure the cybersecurity of companies, organizations, and institutions. The most recent cyberattack in Portugal on the telecommunications company Vodafone affected dozens of essential services. Because they lacked redundant systems, these companies were at the mercy of hackers.
Redundant systems give companies extra security in the event of a cyberattack and in the case of a systems failure or external failures, such as a blackout or natural disaster, that compromise the operation of a company's core services.
What are redundant systems?
In the strict sense, the word redundancy means that something is unnecessary because it is more than is needed. In the broad sense, and applied to information technology, redundancy, or redundant system, means maintaining duplicate or triplicate systems to guarantee high availability of critical information, processes, and equipment.
That is, redundancy maintains the replication of components critical to the operation of a service, system, network, and data, ensuring the continued correct operation of the systems in case of failure or cyber-attack.
The replication of these systems can be physical or virtual. There may be a building or room, or there may only be a backup in a location external to the systems attached to the company, institution, or organization.
At the most basic level of cybersecurity, there are some practices you should adopt to protect yourself from cyberattacks. Consult our article about ransomware to discover the tricks to keep your company safe.
What are the types of redundancy?
You can create redundant systems in different computer components. Whether hardware, network, or data level. The priority is always to ensure the high availability of the fundamental processes and equipment of the company, institution, or organization.
Hardware
This type of redundancy system is possibly the most common or best known. Hardware redundancy is the act of duplicating or triplicating equipment to detect or nullify the effects of a failed component. Instead of using a single processor, companies can use two or three processors, each performing the same function.
Software
Software redundancy can translate into a pack of functionally equivalent programs generated independently from the same initial specifications. That is, it performs the same functionality by performing different elements.
Information
One of the most widely used systems is information redundancy. In this case, more information than necessary is used, such as the application of error detection and correction codes, to increase the reliability of a computer system.
Time
Time redundancy repeats the same operation several times. The system executes a program multiple times or makes several copies of transmitted data to compare the results with previously stored copies, avoiding using hardware.
How to apply the redundancy effectively
There are several strategies for turning a redundant system into an effective and responsive system. When the focus is on defense against cyberattacks, replicating components across multiple hardware units may be sufficient.
However, when thinking about larger-scale problems, such as natural disasters or organized terrorism cyber-attacks (organizations with many people), other factors can increase the effectiveness of the systems.
One of the most relevant is the distribution of component replications over various geographical areas so that they integrate into multiple networks in different countries.
This factor completely undermines the danger posed by natural disasters since it is highly improbable that two (or more) natural disasters will happen in several places in synchrony.
It also creates difficulty to the organization and effort that organized cyber-attacks will have to make. Because the replications are on international networks, making the vulnerabilities found in each one also differ, requiring more research by the hackers.
It also adds the difficulty of keeping these attacks - fundamentally different because they are on different networks - synchronous across all possible access points to the platform.
In the case of the attack on Vodafone, in which redundant systems were also affected, specialists speculate that the hackers carried out a "Denial-of-service" (DDoS) attack. It means that the hackers tried to hack into system resources unavailable to users.
In this type of attack, the attackers usually generate large volumes of packets or requests, which eventually overwhelm the target system. In the case of a DDoS, the attacker uses multiple compromised or controlled sources to generate the attack.