Stop Backing Up Ransomware – Cyber Defense Magazine


By James Gorman

When utilizing cloud technology for workloads, companies often assume that their current backup strategy is sufficient for the cloud environment. However, having good backups has been a basic form of Cyber and IT resilience for over 35 years. While many IT organizations have established a backup strategy in the past, they have yet to adapt it to address new technologies and emerging threats.

Many organizations store their backups on media storage on-site or off-site storage, cloud-based storage, or another company-managed facility. However, as these traditional strategies and legacy solutions migrate to critical cloud-based workloads, they may need to be more suitable to ensure the resilience and recovery of cloud-based workloads. The cloud operates differently than traditional on-premise systems in that it is programmable, ephemeral, and on-demand, requiring a different approach to backup strategies to ensure the resilience and recovery of cloud-based workloads. Legacy backups can present a problem when migrating to the cloud, and they are not designed to be cloud-native and may need to be more effective in detecting and removing cyber threats and corruption. Restoring and testing these backups can be time-consuming and disruptive to daily operations. A corrupted backup can cause significant issues when attempting to restore from backup to live production, resulting in disruptions and delays in restoring operations. This corruption is especially problematic if the backup itself contains the ransomware problem.

Some Startling Statistics:

  • Ransomware attacks hit 80% of organizations in 2021. (Pollfish)
  • More than 60% of those hit by the attacks paid the ransom. (Pollfish)
  • The average ransomware payment was $570,000 in the first half of 2021, up from $312,000. (Mimecast)
  • 58% of organizations infected with ransomware agreed to pay a ransom in 2021, compared with 34% in 2020. (Proofpoint)
  • Of those, 32% had to make an additional ransom payment to regain access to their data/systems. (Proofpoint)
  • Ransom demands are five times higher when data exfiltration is involved. And that’s happening six times more often in 2022 than in 2019. (Arete & Cyentia)

 Cyber Criminals are getting more competent and more professional.

As cyber criminals become more skilled and professional, they can launch attacks that evade detection for extended periods. According to one study, the delay between a malware infection and the execution of a ransomware attack can be as long as 72 days. This delay means that even if an organization has “done everything right,” like having backups that go back one or two months, they may still be restoring infected applications. Restoring the ransomware is a worst-case business scenario. Companies need to implement solutions that specifically protect against backing up ransomware. One such solution for the cloud is a Cyber Recovery Service, which can help ensure the integrity of application during and after a potential attack.

Cyber Recovery Service

Elastio provides a Cyber Recovery Service.

  • not just backups
  • not just malware detection
  • not just recovery services
  • not just another pretty dashboard

Elastio’s Cyber Recovery Service offers comprehensive protection for your AWS workloads. It not only backs up your data but also ensures that it is free of ransomware and corruption. With Elastio’s technology in place, you can have peace of mind knowing that your backups are malware-free and restorable. The service also provides a mechanism to restore a part or the whole application without interruption to current operations. Recovery testing can be performed, proving that your team has done Disaster Recovery training and can document it for audits such as SOC 2, HITRUST, PCI, or CMMC.

Elastio’s founders have extensive experience in the industry and have been leaders in backup, recovery, and data security for decades.

Elastio auto-detects new workloads in your AWS environment, scans them for ransomware, and creates highly recoverable, immutable backups that are compressed and deduplicated for cost efficiency. Download our guide to defending your cloud backups from ransomware to learn more.

About the Author

James is a Cyber Security Expert and entrepreneur with experience securing, designing, deploying, and maintaining large-scale, mission-critical applications and networks. James leads teams through multiple FedRAMP, NIST, ISO, PCI, and HITRUST compliance audits, and he has helped numerous companies formulate compliance and infrastructure scalability strategies. His previous leadership roles span from CISO to VP Network Operations & Engineering to CTO and VP of Operations, at companies as diverse as GE, Epoch Internet, NETtel, SecureNet, Transaction Network Services, AuthX, Certify Global, SecureG, Cyber Defense Media Group, and OnePay.



Source link