Immutable Backup: Have The Last Word Against Ransomware

Uploaded on 2025-01-29 in TECHNOLOGY--Resilience, FREE TO VIEW

With incidences of ransomware on the rise, nobody should even be thinking that an attack is something that couldn’t happen to them, let alone speak those words into existence. And for organizations that believe a breach couldn’t happen to them because they store their data in the cloud are burying their heads in the sand.

All companies are vulnerable to ransomware. According to Chainalysis, cybercriminals were able to extort more than $1 billion in cryptocurrency payments from victims in 2023.

What may have been a simple operational interruption 5 years ago has ballooned into millions of dollars per incident, loss of business reputation and a mystery as to how long it will take to return to viability. 

Standard Approaches To Data Security Are No Longer The Answer

Even more disturbing is that ransomware attacks today have become more sophisticated than the “smash and grab” variety of the past. What was once regarded as a way to win a quick score has become increasingly sophisticated, with cybercriminals content to play a waiting game to find out what data is important, which files are being accessed the most and gaining access to passwords.

Typically, organizations would utilize a system of various storage, snapshots, replication, and backup to ensure business continuity. But because this has become such a standard approach, cybercriminals have begun targeting these systems to ensure greater success at securing a payday.

Ninety-three percent of ransomware attacks today target backups. These backups are being turned off, erased and encrypted. Seventy-five percent are successful in preventing recovery and forcing payment. In addition to impacting operations, successful attacks lead to additional penalties for companies in industries that must protect personal information due to industry compliance and legal requirements.

Having Your Head(ache) In The Cloud

In an ever-increasing automated world, the ever-increasing shift to the cloud makes sense. Public clouds offer a plethora of benefits for organizations. Costs are shifted from upfront hardware purchases that will hopefully satisfy future capacity demands to only paying what is used as it is used. Scalability is easy. IT personnel can be utilized on tasks that directly support the business with managed cloud providers doing all the heavy lifting. One thing that it is not necessarily better at – despite the proclamations – is improved security. 

Data is only as secure as employees at a company or at the cloud provider make it. The challenge of the cloud for financial organizations under SEC regulations or medical providers that must contend with HIPAA requirements is that data saved to the cloud is out of their control.

There are plenty of instances where cybercriminals gain access to data stores because of human error. To what degree of accountability do cloud providers truly offer their customers?

  • What happens when a cybercriminal gains passwords to a company’s Microsoft Azure store or their AWS account?
  • To what degree are cloud providers made accountable for breaches that result in material loss?

Backups Should Be Protected On An Immutable Platform

Vulnerabilities are almost certain to occur in any software, hardware or firmware release – including cloud providers’ infrastructures as well. Though not a malicious attack, the recent CrowdStrike outage shows how widespread a disastrous event can be when it occurs as part of a cloud-native platform despite assurances that cybersecurity procedures are in place.

Well, if there are vulnerabilities everywhere, is everyone simply out of luck? Not so fast. Safeguarding a company’s most valuable asset – their data – remains paramount despite the obstacles. Especially as data volumes continue to expand at an unprecedented rate.

The challenge therefore is to manage growth while minimizing technological and/or human error to ensure data protection.

The primary goal of backup processes is to guarantee the ability to recover from any data loss or system failure within a predetermined timeframe. This necessitates a robust backup strategy involving automated processes across various applications, platforms and virtual environments. In the face of increasing ransomware threats, immutable storage has become a vital feature. 

Rather than placing all of one’s proverbial eggs into a single basket, organizations can strengthen their data storage protection through a hybrid cloud approach that leverages the benefits of the full cloud with the control and security of on-premises solutions. There are several options for ransomware protection including immutable snapshots, S3 object-locking and platforms that provide unbreakable backup. Such solutions offer immutable storage that keeps backup data safe from ransomware attacks, accidental deletions or silent data corruption, while ensuring that backup data remains unaltered and recoverable to provide businesses a reliable defense against evolving cybersecurity threats.

Conclusion

There are many benefits to moving to the cloud – from saving money, to easy scalability and greater reliability – for both IT and end users than on-premises infrastructure. However, security is not one of those benefits. Ransomware has evolved to the point where it is no longer a “will I get hit?” scenario but rather a “when I get hit” one. And, unfortunately, companies rarely see it coming. 

For businesses looking for better security of their data, having an immutable backup solution as either a standalone or as part of a hybrid cloud is a more attractive option. This is especially true for organizations with extremely sensitive information, such as healthcare or financial institutions. It can also be ideal for organizations that must comply with regulations that aren’t met by public cloud providers.

Want to have the last word in guaranteeing the safety, security and immediate availability of invaluable data?

Ignore the public cloud and instead implement an immutable solution that provides the data integrity, ransomware defense, compliance and legal requirements, and historical data preservation that is needed to tell cybercriminals that they are wasting their time.

Judy Kaldenberg, SVP Sales and Marketing at Nexsan

Image: Sashkinw

You Might Also Read:

A Guide to Understanding Market-Leading Data Storage Solutions:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« British Companies Will Spend 30% More On Cyber Security
CYRIN's New Attack Scenario - On An HVAC Scada System »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Gate 15

Gate 15

Gate 15 provide risk management services focusing primarily on information, intelligence and threat analysis, operational support and preparedness.

ACI Solutions

ACI Solutions

ACI Solutions is a managed IT services and network security provider working with diverse global commercial, government and public sector clients.

SOCOTEC Certification International

SOCOTEC Certification International

SOCOTEC Certification International has been providing management systems assessment and accredited ISO certification services to organisations around the world since 1995.

DeuZert

DeuZert

DeuZert is an accredited German certification body in accordance with ISO/IEC 27001 (Information Security Management).

CyberSAFE Malaysia

CyberSAFE Malaysia

CyberSAFE Malaysia is an initiative to educate and enhance the awareness of the general public on the technological and social issues and risks facing internet users.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI) is an independent, global think-tank. We bring together the world’s top global researchers to undertake ground-breaking research on blockchain technology.

Verificient Technologies

Verificient Technologies

Verificient Technologies specializes in biometrics, computer vision, and machine learning to deliver world-class solutions in continuous identity verification and remote monitoring.

NetSPI

NetSPI

NetSPI is an information security penetration testing and vulnerability assessment management advisory firm.

BullWall

BullWall

BullWall is a digital innovator dedicated to fight cybercrime in its many forms. Our overarching purpose is to stop new and unknown strings of ransomware attacks in its tracks.

Blumira

Blumira

Blumira provides comprehensive, hybrid cloud security monitoring and reporting for organizations of all sizes, enabling them to detect and respond to cloud security threats quickly and effectively.

Siege Technologies

Siege Technologies

Siege Technologies is a pioneer of multi-purpose cybersecurity products and services that enable customers to leverage both offensive and defensive technologies.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

SecAlliance

SecAlliance

SecAlliance is a cyber threat intelligence product and services company.

CODA Intelligence

CODA Intelligence

CODA's AI-powered attack surface management platform helps you sort out the important remediations needed in order to avoid exploits on your systems.

System360

System360

System360 is one of Houston's top suppliers of network administration, design, security, and support services.