Immutable Backup: Have The Last Word Against Ransomware

Uploaded on 2025-01-29 in TECHNOLOGY--Resilience, FREE TO VIEW

With incidences of ransomware on the rise, nobody should even be thinking that an attack is something that couldn’t happen to them, let alone speak those words into existence. And for organizations that believe a breach couldn’t happen to them because they store their data in the cloud are burying their heads in the sand.

All companies are vulnerable to ransomware. According to Chainalysis, cybercriminals were able to extort more than $1 billion in cryptocurrency payments from victims in 2023.

What may have been a simple operational interruption 5 years ago has ballooned into millions of dollars per incident, loss of business reputation and a mystery as to how long it will take to return to viability. 

Standard Approaches To Data Security Are No Longer The Answer

Even more disturbing is that ransomware attacks today have become more sophisticated than the “smash and grab” variety of the past. What was once regarded as a way to win a quick score has become increasingly sophisticated, with cybercriminals content to play a waiting game to find out what data is important, which files are being accessed the most and gaining access to passwords.

Typically, organizations would utilize a system of various storage, snapshots, replication, and backup to ensure business continuity. But because this has become such a standard approach, cybercriminals have begun targeting these systems to ensure greater success at securing a payday.

Ninety-three percent of ransomware attacks today target backups. These backups are being turned off, erased and encrypted. Seventy-five percent are successful in preventing recovery and forcing payment. In addition to impacting operations, successful attacks lead to additional penalties for companies in industries that must protect personal information due to industry compliance and legal requirements.

Having Your Head(ache) In The Cloud

In an ever-increasing automated world, the ever-increasing shift to the cloud makes sense. Public clouds offer a plethora of benefits for organizations. Costs are shifted from upfront hardware purchases that will hopefully satisfy future capacity demands to only paying what is used as it is used. Scalability is easy. IT personnel can be utilized on tasks that directly support the business with managed cloud providers doing all the heavy lifting. One thing that it is not necessarily better at – despite the proclamations – is improved security. 

Data is only as secure as employees at a company or at the cloud provider make it. The challenge of the cloud for financial organizations under SEC regulations or medical providers that must contend with HIPAA requirements is that data saved to the cloud is out of their control.

There are plenty of instances where cybercriminals gain access to data stores because of human error. To what degree of accountability do cloud providers truly offer their customers?

  • What happens when a cybercriminal gains passwords to a company’s Microsoft Azure store or their AWS account?
  • To what degree are cloud providers made accountable for breaches that result in material loss?

Backups Should Be Protected On An Immutable Platform

Vulnerabilities are almost certain to occur in any software, hardware or firmware release – including cloud providers’ infrastructures as well. Though not a malicious attack, the recent CrowdStrike outage shows how widespread a disastrous event can be when it occurs as part of a cloud-native platform despite assurances that cybersecurity procedures are in place.

Well, if there are vulnerabilities everywhere, is everyone simply out of luck? Not so fast. Safeguarding a company’s most valuable asset – their data – remains paramount despite the obstacles. Especially as data volumes continue to expand at an unprecedented rate.

The challenge therefore is to manage growth while minimizing technological and/or human error to ensure data protection.

The primary goal of backup processes is to guarantee the ability to recover from any data loss or system failure within a predetermined timeframe. This necessitates a robust backup strategy involving automated processes across various applications, platforms and virtual environments. In the face of increasing ransomware threats, immutable storage has become a vital feature. 

Rather than placing all of one’s proverbial eggs into a single basket, organizations can strengthen their data storage protection through a hybrid cloud approach that leverages the benefits of the full cloud with the control and security of on-premises solutions. There are several options for ransomware protection including immutable snapshots, S3 object-locking and platforms that provide unbreakable backup. Such solutions offer immutable storage that keeps backup data safe from ransomware attacks, accidental deletions or silent data corruption, while ensuring that backup data remains unaltered and recoverable to provide businesses a reliable defense against evolving cybersecurity threats.

Conclusion

There are many benefits to moving to the cloud – from saving money, to easy scalability and greater reliability – for both IT and end users than on-premises infrastructure. However, security is not one of those benefits. Ransomware has evolved to the point where it is no longer a “will I get hit?” scenario but rather a “when I get hit” one. And, unfortunately, companies rarely see it coming. 

For businesses looking for better security of their data, having an immutable backup solution as either a standalone or as part of a hybrid cloud is a more attractive option. This is especially true for organizations with extremely sensitive information, such as healthcare or financial institutions. It can also be ideal for organizations that must comply with regulations that aren’t met by public cloud providers.

Want to have the last word in guaranteeing the safety, security and immediate availability of invaluable data?

Ignore the public cloud and instead implement an immutable solution that provides the data integrity, ransomware defense, compliance and legal requirements, and historical data preservation that is needed to tell cybercriminals that they are wasting their time.

Judy Kaldenberg, SVP Sales and Marketing at Nexsan

Image: Sashkinw

You Might Also Read:

A Guide to Understanding Market-Leading Data Storage Solutions:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« British Companies Will Spend 30% More On Cyber Security
CYRIN's New Attack Scenario - On An HVAC Scada System »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Certification Europe

Certification Europe

Certification Europe (now Amtivo Ireland) is an accredited certification body which provides ISO management system certification, including ISO 27001.

Authenware

Authenware

AuthenWare delivers the highest level of identity security based on behavioral biometrics.

SentinelOne

SentinelOne

SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

CyberWarrior

CyberWarrior

CyberWarrior deliver training and consulting for some of the world’s top brands and also partner with national systems integrators to augment their teams with our expertise.

Procilon Group

Procilon Group

Procilon Group specialize in the development of cryptographic software as well as strategic advice on information security and data protection.

Ataya & Partners

Ataya & Partners

Ataya & Partners is a consulting company that delivers data protection, cybersecurity and IT & Digital governance services.

Danish Maritime Cybersecurity Unit

Danish Maritime Cybersecurity Unit

The Danish Maritime Cybersecurity Unit is tasked with delivering the initiatives set out in the Cyber and Information Security Strategy for the Maritime Sector.

Dcode

Dcode

Dcode connects the tech industry and government to drive commercial innovation in the federal market.

StoneLock

StoneLock

StoneLock is a trusted leader in the design and manufacture of facial recognition software and technology.

Mitigate Cyber

Mitigate Cyber

Mitigate Cyber (formerly Xyone Cyber Security) offer a range of cyber security solutions, from threat mitigation to penetration testing, training & much more.

Wib

Wib

Wib is an API security leader. We are the only company providing a solution for the entire API development lifecycle.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

Heartland Business Systems (HBS)

Heartland Business Systems (HBS)

Heartland Business Systems serves commercial, public sector and small to medium business with results-driven and dedicated information technology services.

Axient

Axient

Axient advances defense and civilian missions from aerospace to cyberspace with multi-domain test and analysis, mission engineering and operations, and advanced technologies.

ReformIT

ReformIT

ReformIT is a Managed IT Service and Security provider with many years experience helping companies find the right IT solutions to meet the needs of their businesses.