223 billion euros – that’s how much damage cyber attacks cause according to a Bitkom study annually for the German economy. Ransomware and blackmail software accounts for around 20 percent of these. Three ways out of the ransom trap.
The hackers encrypt data, fail systems and, increasingly, steal data from their victims' networks. In an open letter, a group of IT security and information technology experts called on federal politicians to take action and demanded specific legal measures to counteract ransom payments, among other things.
Paying ransom is the wrong way
The need for action is undisputed and paying a ransom is the wrong approach. The letter only sees data backup as a good antidote to ransomware to a limited extent. According to the next-gen data management specialist Cohesity, however, the opposite is the case. Backing up data as a last line of defense is more important than ever when done right. In his supplement to the open letter, Wolfgang Huber, head of the DACH region at Cohesity, therefore names three aspects of how backups, as an essential line of defense, open the way out of the ransom trap:
1. Harden foundation
“If saboteurs succeed in penetrating the network, they spend several days on average finding weak points and, above all, hacking the backup. Therefore, this infrastructure must be resilient and able to restore important data reliably and quickly even in the worst case scenario during an ongoing attack,” explains Huber.
Such an approach to next-gen data management as Cohesity consolidates all data silos on a resilient and highly scalable infrastructure, regardless of whether the data is traditionally stored on-premises, in a private or public cloud. All workloads are completely backed up there. The data is heavily encrypted on its way and on the infrastructure, which, by the way, should implement the zero trust principle. Access for administrators is secured by multi-factor authentication and their access rights can be strictly regulated so that only authorized users can access the data.
2. Capture data immutably
“Those responsible must be able to trust their data copies and their integrity and that hackers have not tampered with them. It is mandatory that the backup data is stored on immutable storage – that is, storage on which the data cannot be rewritten, deleted or corrupted,” says Huber.
Solutions such as Fort Knox from Cohesity go one step further and offer companies a cloud vault that uses a virtual air gap to protect the data stored there from unauthorized access as immutable backups. The cloud vault is operated as a Software-as-a-Service (SaaS) solution and is physically separated from the company network and its network and management access isolated. The data stored there can be played back from the Cohesity-managed cloud vault to the original source location or to alternative destinations such as the public cloud.
3. Respond quickly to attacks
“The key to defending against cyber attacks and ransomware is how quickly IT teams can identify attacks and initiate countermeasures. Therefore, data management and security should work closely together and pass on indications of ongoing attacks at an early stage," explains Huber.
Next-gen data management solutions use AI/ML technology to monitor the snapshots on their own infrastructure. The aim is to detect unusual backup or access patterns or other abnormal behavior. These indicators help to identify possible internal and external attacks such as ransomware at an early stage and to take countermeasures if necessary.
More at Cohesity.com
About Cohesity Cohesity greatly simplifies data management. The solution makes it easier to secure, manage and create value from data - across the data center, edge and cloud. We offer a full suite of services consolidated on a multi-cloud data platform: data backup and recovery, disaster recovery, file and object services, development / testing, and data compliance, security and analytics. This reduces the complexity and avoids the fragmentation of the mass data. Cohesity can be provided as a service, as a self-managed solution, and through Cohesity partners.