Even the most prepared organizations can get small-scale disasters in the era of mass scanning, spear phases and targeted ransomware from time to time. In their latest publication, Ars Techinca has mentioned that ransomware attackers are shifting their tactics and taking things to the next level.
Having a good backup and fast response during an outbreak may help to limit damage, but ransomware operators are also beginning to adapt in ways that fundamentally change the ransomware attack model. While these hackers have traditionally demanded paid ransoms over the confidentiality of information they have stolen, ransomware operators today have become increasingly aggressive and do not hesitate to dump the stolen data on public websites, because the ransom is not paid on time. Apparently, the most seemingly prepared organization is no longer immune, even if the attack has been contained.
Backup alone is not enough anymore to prevent real damage from ransomware. Why? Because ransomware operators can steal the data before they have been fully encrypted by backup systems.
As we have reviewed in this blog post, Gartner notes on their report, "5 Key Challenges You Must Solve With Your Next Backup Platform", that the key challenges for today’s infrastructure and operations leaders is to keep backups secure as a last line of defense against ransomware. Preventing an attack is more ideal than recovering from them. In this report Gartner states:
"New data locations and application types, data growth, increased data value, more-demanding recovery time objectives, and ransomware challenge backup implementations.
Infrastructure and operations leaders responsible for data protection will need to adopt new backup technologies and procedures."
Many data protection vendors have begun experimenting with cyber-security, claiming that their technology offers anti-ransomware features. In reality, backup systems and cyber-security are a whole different vendors expertise. These cyber-security companies live and breathe threat detection and prevention, offering AI, EDR, MDR and exploit prevention, among other technologies, that are meant to deal with ransomware and other cyber threats.
To get a multi-layered solution that bring the best of both worlds together, companies need an integrated ransomware prevention and protection solution that leverages decades of data protection and cyber-security vendors expertise, all-in-one complete package. To meet the latest challenge in ransomware prevention, organizations need a disaster recovery and backup appliance that is secured by an industry-leading anti-malware solution, providing prevention of ransomware and protection from data loss.