When it rains, it pours. And that’s certainly the case when it comes to ransomware attacks. More and more companies worldwide are being affected by ransomware, and facing significant costs associated with paying the ransom and restoring their IT systems. In fact, it has been predicted that a business will fall victim to a ransomware attack every 11 seconds and global ransomware damage costs will reach $20 billion by 2021. As these events become more frequent and the tactics of cyber criminals grow more sophisticated, organizations are having trouble keeping up and protecting themselves from this growing storm.
Ransomware: A Cloudy Forecast
Ransomware has taken many forms and has evolved rapidly over the years. Early attacks affecting companies typically involved hackers holding data hostage and demanding ransom payments to release it. For example, in 2018, the city of Atlanta had their city systems infected with SamSam malware and hackers asked for $50,000 ransom to be paid. The city had to spend over 2.6 million dollars in emergency efforts to get their municipal systems up and running, with the recovery costing much more than the ransom demand.
But, it didn’t take long for bad actors to develop a new method of cyber mayhem: attacking backup data first. In this scenario, ransomware initially attacks target backup systems and encrypts or destroys backup data before subsequently unfolding in production. With their backup “insurance policy” gone, organizations either must pay the ransom or painstakingly rebuild their systems and operations from the ground up. Just last month, a suspected cyberattack on Newfoundland and Labrador’s health network impacted the health system’s main and backup systems. As a result, thousands had to have medical appointments rescheduled and local offices had to resort to pen and paper recordkeeping while they worked to get their systems back online.
And, cyber criminals haven’t stopped there. Their latest strategy is stealing data and threatening to either sell it to the highest bidder on the dark web or simply exposing it online, potentially diminishing the value of company IP and harming public perception. Just last year, Travelex suffered a ransomware attack where the company’s entire network was encrypted, backup files were deleted and over 5 GB of personal data was exfiltrated. And, it is important to note that it’s not always unknown, outside forces posing these threats — an employee can also cause huge disruptions from the inside.
So how do organizations protect against hacker encryption, destroyed backups, data exfiltration, and other evolving threats?
The ideal solution is a next-gen data management platform that combines four unique elements: simplicity at scale, zero trust security principles, AI-powered insights, and third-party extensibility to help counter the actions of criminals. It’s the integration of all four of these elements that address today’s challenges and enable organizations to protect their business from ransomware and other cybercrimes.
Cohesity Threat Defense Architecture
To help minimize the blast radius of ransomware, Cohesity’s threat defense architecture aims to keep the bad actors at bay. First and foremost, Cohesity’s architecture helps ensure data resiliency by providing key capabilities such as encryption and immutability so it would be difficult for the bad guys to tamper with your data. Secondly, our architecture is designed to provide various access-control mechanisms to help keep criminals from getting to your data in the first place. And with AI-powered detection and analytics, you can harden your environment before something occurs by understanding where your most valuable assets reside and who has access to them, while at the same time receiving alerts of suspicious behavioral access patterns. Cohesity also realizes that ransomware is not something that any one vendor can solve alone and provides the ability to easily integrate with existing security products including ones from Amazon Web Services (AWS). Consider it a giant umbrella that can protect you against the ransomware storm.
Cohesity’s DataProtect Delivered as a Service – a Raincoat for Your Data
We believe data backup and recovery is one of the key solutions necessary for protecting your business in the event of a ransomware attack. If an organization has a clean backup copy of data when ransomware hits, they can easily recover production data that is being encrypted. On top of that, Cohesity offers immutability and access controls at the platform level- that help prevent cybercriminals from reaching data in the first place.
DataProtect delivered as a Service is an enterprise-grade backup as a service (BaaS) solution that protects on-premises, SaaS, and cloud-native data by eliminating silos and consolidating backup data across a variety of locations and data sources. By utilizing encryption and flexible key management, we believe businesses can reduce data transfer costs while protecting data that’s at rest and in flight. And organizations can free up vital resources because they can spend less time managing infrastructure while providing self-service backup for remote teams and locations.
DataProtect delivered as a Service provides advanced failure and recovery capabilities with bulk or granular restores to the original source or a new designated location. And you can also leverage global search to quick find and recover your data, no matter where it is, without digging into specific locations, jobs, or archives.
Just like the weather, it’s hard to predict when and where the next cyber attack will happen. Now is the time to work with Cohesity to help navigate the storm.
To learn more about how Cohesity can help minimize the impact of ransomware attacks, visit us at booth 249 at AWS re:Invent Nov 28-Dec 3 in Las Vegas.