Minimize the impact of ransomware attack

January 28, 2022 10:02
Photo: Pure Storage

Dealing with a ransomware attack during the COVID-19 pandemic could be a nightmare scenario. According to a ransomware report, the average ransomware payment in the first half of 2021 Q1 was US$ 0.57 million, (HK$ 4.45 million), up 82% from 2020 H1. Data has become a prime target and enabler in the highly profitable world of cybercrime. It’s also a target for bad actors looking to harm a business.

As a result, organisations are constantly fending off a range of malicious activities that are laser-focused on flipping this hot commodity into cold, hard cash or destroying it to inflict irreparable damage on the organisation.

Ransomware is one common attack approach, but other potential threats also exist, such as rogue administrators, disgruntled employees, and third parties that delete or download files. So, how can you better protect your data from malicious activity?

Despite the Best Protection, Your Data May Still Not Be Safe

It’s important to point out that we’re not talking about yet another cybersecurity solution or tool. Organizations probably have multiple layers of cybersecurity defense in place to stop these kinds of attacks before they can bring the business down. And those solutions are necessary.

However, we all know that these solutions and layers aren’t 100% impenetrable. There’s always an exploitable weakness or attack vector which comes from anywhere: Poor password choices, an inadvertent click on an email by an unsuspecting employee, or someone with the “keys” to attack from within the organization.

Organizations simply can’t protect all avenues of attack all the time. That’s why safer data is so critical. By putting a last line of defense in place, you still have an option for quick recovery even if your prevention solutions fail.

Backups May Not Be Enough

Here’s an increasingly common scenario. An organization experiences an attack, either by ransomware or a malicious insider. The organization believes it’s prepared. It has data backups to reduce the damage of the attack and ensure it can get systems back up and running without having to pay off the criminals.

But, the company soon discovers that the attackers haven’t just deleted or locked the primary data. They’ve also infected or deleted the backup data. Once that happens, it’s virtually impossible to rebuild.

So, the organization grudgingly pays the ransom. Or it starts the time-intensive data-recovery process from older backups and accepts that it will lose some data. Neither is a great outcome.

But, let’s say the backup data wasn’t affected and the company can start to recover. Recovering all of the primary data could be petabytes of data. It could take days, weeks, or even months to recover all that data using traditional backup solutions.

When recovering from an attack, speed is critical. To keep focused on the goal of safer data, the organization also needs a framework that delivers faster restoration, replication, and recovery of all your data, particularly at scale. And most importantly, it must be impervious to any of the events described above.

Tailor a Safer Data System

When talking about safer data, it is not just talking about traditional backup or disaster recovery. The organization also needs to set up a safer data system with built-in mitigation and recovery capabilities. A system that acts as a true last line of defense.

Setting a last line of defense to back up data, a unified platform with two key features - modern data protection and fast recovery speed, will be needed. The platform helps mitigate ransomware attacks and protect backup metadata by creating read-only snapshots. All snapshot records allow a faster roll-back to a previous point-in-time than from backups. This means that no matter what level of access hackers may have to the system, organization will be able to recover data as quickly as possible.

This powerful combination of traditional form and the safer data system brings an augmentation strategy to protect the most valuable parts of your business and get business back up and running in the event of a ransomware or malicious attack.

-- Contact us at [email protected]

General Manager, Pure Storage Hong Kong & Macau