SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Ransomware, cyber insurance and unbreakable backup key reflections of 2021

Wed, 29th Dec 2021
FYI, this story is more than a year old

Ransomware, cyber insurance and unbreakable backup are amongst the key reflections of 2021, according to StorCentric.

Mihir Shah, CEO, StorCentric, says cybercriminals and ransomware are evolving: from hitting only single organisations and/or individuals to attacking MSPs, where they could target multiple organisations with one fell swoop (e.g., the Kaseya ransomware attack perpetrated by the REvil group).

In 2021, Shah says cyber insurance became increasingly critical.

"And it wasn't just for large enterprises anymore. Small and medium sized enterprises invested, many for the very first time. Yet, confusion and frustration over what it does and does not cover continues."

Shah says enterprises recognised the need to protect themselves against a ransomware-related class action lawsuit, and began preparations for a worst-case scenario.

"Enterprises also increased their focus on data protection, particularly PII, as well as their ability to demonstrate that every possible precaution was taken to prevent and recover from an attack."

Surya Varanasi, CTO, StorCentric, says in 2021, unbreakable backup became an indispensable solution for ransomware attack recovery: thwarting cyber criminals 'attack the backups first' strategy.

Backup copy immutability also became non-negotiable, according to Varanasi.
"Meaning at least one backup copy must be immutable, unable to be deleted, corrupted or changed in any way, even if the ransomware has already infiltrated your organization, and integrated itself into the backup process."

JG Heithcock, GM, Retrospect a StorCentric company, adds, "Ransomware as a service (RaaS) is a huge business with attacks continuing to grow at an alarming pace. Businesses at every size are increasingly exposed to ransomware attacks.

"Cyber criminals are attacking backups first: and then once under their control, coming after production data," Heithcock says.

"This means that many enterprises are feeling a false sense of security, until it is already too late."

Heithcock says in 2021, recovery capabilities became the #1 ransomware strategy, while prevention and detection remained indispensable, recovery capabilities became the top priority.

Varanasi says massive data growth combined with significant changes in the way we work today and a rapid rise in cybercrime has driven increased challenges for data center managers.

"In 2022, it will be critical to respond to these demands, and to pursue and achieve digital transformation strategies that enable organisations to store, manage and protect data at scale.

"And I predict that in 2022, data center managers will find that the ideal way to do this will be to start with the right data storage foundation."

In 2022, organisations will seek a data storage foundation that enables them to support a mix of workloads. The storage will allow for flexible configurations and simplified expansion to meet a wide variety of capacity and performance requirements. Next, organisations will seek a solution that provides multi-protocol support. Certainly, at a minimum, the storage will support block (iSCSI, FC) and file (NFS, CIFS/SMB). However, given the increasing desire to run cloud-native applications, backup and restore critical data, as well as archive data in the cloud, S3 object storage support will become a must-have as well.

"Today's digital transformation strategies would be remiss if data protection and business continuity were not at the top of the list of considerations as well," says Varanasi.

"This is especially true in 2022, when data center managers are not just concerned with equipment malfunction, but also insider threats and external cybercriminal activity, such as ransomware attacks.

"So, capabilities such as immutable volume and file system snapshots that deliver secure point-in-time copies; object locking for bucket or object-level protection for specified retention periods; and pool-scrubbing to detect and remediate bit rot and data corruption will be deemed essential.

Heithcock says today, more than ever, data can be lost by accident, damaged by a natural disaster, or fall victim to cybercrime.

"In 2022, with ransomware continuing to grow as a threat, data protection will become the most indispensable component of every organisation' digital transformation strategy."
 
In 2022, the 3-2-1 backup rule will continue to be the golden rule of complete data protection, says Heithcock.

"This means that organisations will keep three copies of data saved across at least two media types, with one more copy saved offsite.

"In 2022, ROI will also remain the name of the game, so organisations will seek a proven solution that makes this easy and affordable to implement. The ideal backup solution will enable a backup script to a local destination and a backup transfer script to an offsite target. Using a transfer script to copy backups to a second location enables the administrator to perform the operation offline, without the original source needing to be used."
 
In 2022, there will be various options available for implementing 3-2-1 workflows, according to Heithcock.

"The first possibility will be disk and cloud. Combining local disks and cloud storage locations is a common pattern for a backup strategy. An available backup on a local disk translates into very fast recovery time, as the local network allows for much higher bandwidth.

"A remote backup on a cloud storage location insulates the organisation's data from disaster, malware, and other problems that arise."

Heithcock says the second option will be network-attached storage (NAS) and cloud.

"NAS devices are an affordable on-site storage location for backups. Leveraging an on-site NAS ensures a large, dedicated storage pool and high bandwidth for backups. Transferring those backups to the cloud as an offline process allows administrators to avoid touching the original source multiple times."

The third option, according to Heithcock, will be disk and tape.

"Disk remains the most common storage media, and tape continues to make strides in speed and storage capacity. With a local disk, the administrator can quickly back up their environment and have the backups available for fast restore. Using a tape library for offsite storage enables the administrator to store their backups in a safe location (like a security deposit box or a third-party storage locker) that – unlike the cloud – the administrator has physical access to."
 
In 2022, going beyond the 3-2-1 backup rule will provide organisations with extra insurance to protect their digital transformation initiatives, Heithcock says.

"Organisations can choose to utilise a second cloud storage location (i.e., 3-2-2 strategy) or NAS, tape and/or cloud (i.e., 3-3-2 strategy) for added redundancy.
 
Finally, in 2022, utilising WORM storage in the cloud with Immutable Backups will provide the best protection against ransomware attacks. With a locked backup, malware cannot delete your critical data, enabling the administrator to recover if the worst does happen. By combining the 3-2-1 backup with immutable backups in the cloud, administrators can ensure their organisation's data is protected against the latest threat landscape.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X