Apr 14, 2022|3 min|Technology

Protecting a Growing Attack Surface from Ransomware

If you think ransomware attacks will slow, think again. Just a few years ago, Cybersecurity Ventures predicted a ransomware attack every 14 seconds. Last year it was every 11 seconds. A decade from now, the same group expects ransomware to attack an enterprise every two seconds. Think about that for a second—or two.

There’s little doubt building platforms and applications spanning multiple public and private clouds as well as on-premises data centers is accelerating digital transformation, agility, and responsiveness. But it’s also ensuring data is more distributed than ever—across many systems. The challenge today is that disparate, siloed, legacy products aren’t doing an effective job of protecting data everywhere. Moreover, enterprises are left to defend wider-than-necessary attack surfaces created by new cloud-age silos, guarded and managed by different point products depending on need (backup, disaster recovery, etc.).

In a nutshell, in the rush to exploit new hybrid and multicloud architectures, many enterprises have opened doors to bad actors, making their most valuable asset also their most vulnerable.

Keep data safe and systems resilient through Zero Trust

Half of enterprises surveyed by the Everest Group say that meeting data compliance standards is among the top three business challenges they face in a post-pandemic world. In its report Driving Enterprise Business Transformation with Next-Generation Data Management, analysts observe, “The higher the fragmentation of data, the larger the attack surface.”

The answer isn’t to retreat from hybrid architectures; it’s to adopt a data security and management platform that consolidates siloed data and protects it from ransomware attacks with unified, Zero Trust security principles. Because attacks will keep coming—some even getting through. That’s why keeping data safe is key and recovering from attacks quickly is crucial.

“When you have one platform, logically spanning your infrastructure, there is reduced surface area, as opposed to when you have multiple silos and attackers can get into the weakest link,” says Cohesity CEO and Founder Mohit Aron.

The platform keeps data safe and enterprises resilient by:

  • Reducing attack surfaces – It consolidates vulnerable infrastructure silos onto one secure, scalable platform.
  • Recovering rapidly from ransomware attacks – It creates immutable data snapshots—backups that can’t be encrypted, modified, or overwritten by ransomware—and monitors them using artificial intelligence and machine learning (AI/ML).
  • Integrating with a security ecosystem – It works seamlessly with pre-built apps from respected third-party security partners and allows teams to build their own protections, too, so the platform continuously benefits from the highest levels of protection.

If an enterprise falls victim to one of the growing waves of ransomware attacks, the platform quickly locates a clean, uninfected copy of data across the consolidated, global footprint, including public clouds. That way, the enterprise can instantly recover and reduce downtime.

Cyber resiliency in the real world

Sky Lakes Medical Center is a not-for-profit teaching hospital serving south-central Oregon and northern California. When it replaced its aging data center infrastructure with the Cohesity platform, it was prepared for what came next: a massive ransomware attack at the height of the pandemic. Sky Lakes was unexpectedly targeted and breached by ransomware, but the immutable backup snapshots, DataLock (WORM) capabilities, and other Threat Defense protections from Cohesity helped it detect the threat as well as rapidly recover data at scale.

“Our organization suffered a critical ransomware attack, effectively crippling our entire infrastructure,” explained Sam Stewart, Sky Lakes Network Systems Analyst. “With Cohesity, we’ve been able to recover machines and file shares, verify they’re clean, and bring the applications back online. Cohesity literally saved us hundreds of hours of work and prevented us from having to actually pay the ransom note.”

Had Sky Lakes still been using its legacy systems, rather than a next-gen data management platform, and been forced to work from tape backups, it would have taken weeks, not minutes, to recover from the attack, members of the team stated. It also would have lost months of data. Instead, Sky Lakes retained its data and refused to pay the ransom.

Incorporating Zero Trust principles

Over time, ransomware has grown gradually more destructive. Attacks have evolved from simply encrypting production data, to destroying backups, to wholesale data theft. At each stage in this evolution, the scope of damage from ransomware—the blast radius—has expanded. A Threat Defense Architecture keeps the possible damage to a minimum while ensuring enterprises remain up and running.

To learn how to incorporate Zero Trust security principles into a defense in depth and Threat Defense Architecture, visit Cohesity.

Written by

Team Cohesity
