Upload File

cio security insight : why your backup solution is crucial ...€¦ · these threats give...

  • Home
  • Documents
  • CIO Security Insight : Why your backup solution is crucial ...€¦ · These threats give organizations no choice but to create backup systems that can withstand ransomware attacks
5
Consult Build Transform Support 1 | 005180716 CIO Security Insight : Why your backup solution is crucial to defending your organization from ransomware

Upload: others

Post on 26-Jul-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: CIO Security Insight : Why your backup solution is crucial ...€¦ · These threats give organizations no choice but to create backup systems that can withstand ransomware attacks

Consult Build Transform Support1 | 005180716

CIO Security Insight :

Why your backup solution is crucial to defending your organization from ransomware

Page 2: CIO Security Insight : Why your backup solution is crucial ...€¦ · These threats give organizations no choice but to create backup systems that can withstand ransomware attacks

Consult Build Transform Support2 | 005180716

The best defense against ransomware has two central components: learning how to diagnose and prepare for attacks and creating robust backup and recovery programs that can bring your critical data back online as soon as possible.

The prudent response to the ransomware threat is a holistic program combining cyber defense and backup/recovery planning. Alas, many IT organizations lack the skills, training, and experience to dovetail these disciplines into a comprehensive solution, leaving many enterprises vulnerable to cyberattack.

That’s why so many organizations partner with a managed-backup provider to cover these vital operations. This eBook from CBTS, leaders in managed backup and recovery services, will help you understand why outsourcing is a savvy business decision. The appeal of outsourcing has four pillars:

• The ransomware threat persists and keeps evolving.

• Ransomware usually attacks onsite backups.

• Cloud backups are safer, but they also have vulnerabilities.

• The complexities of cyber defense and backup/recovery require substantial know-how.

This eBook will focus on the current reality that many organizations face today, as well as why backup is an essential component of recovery from a Ransomware incident.

Part 1: Ransomware is not going awayRansomware exploded in 2017 thanks to the global wave of WannaCry exploits, but cybersecurity experts noted that the attacks started to wane in the second half of the year. “In 2016, the profitability of ransomware led to a crowded market,” Symantec said in its 2018 Internet Security Threat Report1. “In 2017, the market made a correction, lowering the average ransom to $522 and signaling the commoditization of ransomware.”

Alas, the risks of ransomware endure—they’ve just shifted in new directions. Industry insiders says cybercriminals have started using ransomware as a decoy to distract defenders from more insidious intrusions. Moreover, ransomware techniques are rapidly evolving in ways that make cyber defense more complicated.

A report at CIOOnline.com2 noted emerging changes in ransomware techniques, including:

• New delivery media. Cybercriminals have moved beyond email and started implanting malware in documents and image files.

• Disk drive locking. Instead of freezing individual files, the malware attacks the master boot record of a disk drive—making everything inaccessible at once.

• Targeting older operating systems. It’s getting tougher to hack the latest versions of Windows and MacOS, so cybercriminals are going after earlier versions of system software.

• Expanding the time frame. Another tactic is to hide malware on a system and set it to attack months or years in advance.

1 https://www.symantec.com/security-center/threat-report2 https://www.csoonline.com/article/3267544/ransomware/11-ways-ransomware-is-evolving.html

Page 3: CIO Security Insight : Why your backup solution is crucial ...€¦ · These threats give organizations no choice but to create backup systems that can withstand ransomware attacks

Consult Build Transform Support3 | 005180716

In March 2018, ransomware attackers cost the city Atlanta, Georgia, $2.6 million and disrupted a host of services to residents, Wired3 magazine reported. The cybercriminals initially sought a ransom worth about $50,000 before shutting down their payment portal and forcing the city to clean up the mess.

These threats give organizations no choice but to create backup systems that can withstand ransomware attacks. The key is to ensure you have a backup program in place that you know, in fact, will recover your data. If you have not tested it, you are putting your business at risk.

Part 2: Attacks will target onsite backups The nature of ransomware code is to seek out every device on a network, encrypt everything, and demand payment in exchange for a decryption key. Ransomware authors understand that backup systems undermine their efforts, so their code typically targets backup capabilities.

“Several ransomware programs—such as the recent WannaCry (WannaCrypt0r) and the newer version of CryptoLocker—delete the shadow volume copies created by Microsoft’s Windows operating system. Shadow copies are a simple method that Microsoft Windows provides for easy restoration,” cybersecurity expert Rod Mathews said in an article at Dark Reading4, a news website that covers IT security.

Mathews noted that the structure of network file servers makes it easy to connect to users’ PCs, centralize data, and streamline the backup process. All these benefits, however, create inherent vulnerabilities.

“Most ransomware programs encrypt connected drives, so the victim’s home directory would be encrypted as well,” Mathews said. “In addition, any server that runs a vulnerable and highly targeted operating system like Windows could be infected, which would lead to every user’s data being encrypted.”

When the ransomware threat started making headlines worldwide in 2016, observers wondered why targeted hospitals and other organizations lacked the backup resources to prevent major disruptions. While it makes perfect sense in theory to back up everything, in practice, large, sophisticated IT operations had to make tough decisions about where to allocate funding and invest in the necessary hardware to replicate their systems.

Organizations that scrimped on backup and recovery planning often found themselves in a serious pinch in a ransomware attack. Some may have created only partial backups that replicated their most mission-critical systems but opted not to restore systems fully, suffering a painful outage when ransomware struck.

The advent of cloud computing, which slashed the costs of mass storage, has reduced the pressure on companies to make those kinds of compromises. Indeed, off-site backup to the cloud can be a pillar of sound security policy that can help you recover your data in the event of a breach or ransomware attack.

Part 3: Even cloud-based backups are vulnerable MIT Security Review5 predicts the cloud will become an attractive target of ransomware perpetrators because of the massive volumes of data stored in the cloud. “The biggest cloud operators, like Google, Amazon, and IBM, have hired some of the brightest minds in digital security, so they won’t be easy to crack,” Martin Giles of the Review said. “But smaller companies are likely to be more vulnerable, and even a modest breach could lead to a big payday for the hackers involved.”

3 https://www.wired.com/story/atlanta-spent-26m-recover-from-ransomware-scare/4 https://www.darkreading.com/endpoint/ransomware-will-target-backups-4-ways-to-protect-your-data/a/d-id/13300295 https://www.technologyreview.com/s/609641/six-cyber-threats-to-really-worry-about-in-2018/

Page 4: CIO Security Insight : Why your backup solution is crucial ...€¦ · These threats give organizations no choice but to create backup systems that can withstand ransomware attacks

Consult Build Transform Support4 | 005180716

Of course, cloud backups can be placed beyond the reach of ransomware. For instance, a dedicated offsite backup solution can copy files and data to a secondary cloud storage site where malware cannot find it.

Deploying a secondary offsite cloud backup service seems like a straightforward solution to the ransomware menace, but it may not be that simple. To prepare for and fend off ransomware attacks, organizations need a robust backup and recovery program that accounts for the needs of their business and their customers while protecting vital data and keeping key systems online.

Many organizations are choosing to partner with experienced managed backup providers to ensure their data is safe.

Part 4: Fighting ransomware requires specific expertise Ransomware defense poses a twofold challenge—understanding the peculiarities of malware threats and building programs to recover encrypted files. Most organizations are short on time and resources, so addressing these challenges can be difficult. That underscores the appeal of partnering with an experienced managed backup expert.

For example, ransomware often encrypts files one by one, increasing the size of each file. Malware detection software can identify sudden bursts of file-size increases and flag them as possible cyberattacks. Human experts must monitor the detection software to decrease the odds of false alarms. Multiply this challenge by the dozens of malware variants infecting systems—with new ones arriving every day—and you start to see the scope of expertise required for ransomware defense.

The backup component is similarly complex. To work effectively in a ransomware attack, backup operations must be:

• Well designed to account for operational needs, budget resources, IT workloads, customer demands, supplier pipelines, and other critical business issues.

• Designed with security measures and employee training.

• Encrypting data on site, in transit, and at rest to ensure that even if the data is stolen they can’t do anything with it.

• Strategically configured to ensure that organizations can fail-over to backups that can keep serving users and customers even while the primary system is under attack.

• Comprehensively tested to ensure backups restore as expected.

• Thoroughly documented so the absence of critical personnel doesn’t disrupt the restoration.

The evolution of cloud computing, virtualization, and replication software enables organizations to create mirror systems that can deploy rapidly in a ransomware attack—if they have the talent, training, experience, and budget to make it all happen.

Many companies don’t. That’s why they choose to partner with an experienced IT solutions provider who can tackle each of these diverse technical challenges.

Page 5: CIO Security Insight : Why your backup solution is crucial ...€¦ · These threats give organizations no choice but to create backup systems that can withstand ransomware attacks

Consult Build Transform Support5 | 005180716

Partnering with CBTS for backups, recovery, and cyber defense CBTS has decades of experience configuring and managing enterprise data centers. We also partner with top cloud and security providers to deliver the latest, most powerful technologies to our managed services and backup clients.

We take the time to learn your unique business challenges, and our people have the training, expertise, and certifications required to provide comprehensive protection against downtime and cyberattacks.

A few years ago, tape backups were sufficient for many organizations. These days, however, digital technologies connect every corner of a business, making downtime a much more severe threat you cannot afford to ignore. Meanwhile, cybercriminals keep dreaming up new ways to attack organizations’ networks and critical data.

These trends oblige organizations to beef up their cyber defense and develop thorough backup and recovery programs that will be there in a crisis.

If you need help with your data protection and backup programs, talk to CBTS today.

Contact us today at cbts.com


for publication Ransomware Threat Recovery€¦ · Source: Gartner, “Use These Five Backup and Recovery Best Practices to Protect Against Ransomware.” June 2016. “An effective

Backup breakdown - CFC Underwriting · Case study Bakup reakdwn Case study Backup breakdown Engineering firm’s files wiped out by ransomware. Case study | Backup breakdown Unlike

Ransomware ly

Ransomware: A Billion Dollars a Year Cyber Crime...Ransomware: A Billion Dollars a Year Cyber Crime 3. Keep an off-line, up-to-date backup of all files in the system When a successful

A BEGINNER’S GUIDE TO RANSOMWAREi.crn.com/custom/CRN360/Ransomware_eBook.pdf · 2017-04-07 · A Beginner’s Guide to Ransomware eBook unitrends.com Trying to sell defense Backup

Fighting Ransomware with Multi-Tier Backup Strategy...Ransomware-style cyberattacks may be common and difficult to completely stop, but a best practice backup strategy that includes

Ransomware is coming! infographic - CureMD · Create a backup and store it o˚ine. Remember that Ransomware may search for docu-ments on any connected drives or shares, so backing

Ransomware: Why Are Backup Vendors Trying To Scare You?

Datrium Ransomware Protection - VMware Cloud on AWS · AWS S3 storage. Cloud Backup can also serve as additional backup capacity for efficient storage on S3 of non-DR images. Cloud

Responding To Ransomware - NYMISSA · Ransomware is getting more sophisticated, and shifting to an enterprise threat. Ransomware Nightmares ... 50% of ransomware victims have paid

OF SUCCESSFUL RANSOMWARE 5 ways YOU CAN fileOF SUCCESSFUL RANSOMWARE CYBERCRIMINALS CLOUD BACKUP f-secure.com 5ways YOU CAN FIGHT BACK 2. GO ANONYMOUS. They set up incognito accounts,

An Enterprise Guide to Preventing Ransomware Attacksstratxsolutions.com/...black_ebook_ransomware_0912.pdf · AN ENTERPRISE GUIDE TO PREVENTING RANSOMWARE ATTACKS Ransomware isn’t

RANSOMWARE PROTECTION€¦ · RANSOMWARE PROTECTION UIDE . ... Exploitation Exploit Mitigations Application Behavior Payload Execution ... PREVENTION AGAINST RANSOMWARE

Barracuda Intronis Backup - MSP · 2019. 9. 18. · – Kaseya – Managed Workplace - RMM – N-central Ransomware protection • Keep your customers safe and compliant with robust

Backup ransomware prevention_2017

Ransomware: Modern Day PiratesRansomware • What is ransomware • History of ransomware • Actors and their motivations • Anatomy of a ransomware attack • Cost of a ransomware

Mitigating Risks of Ransomware - county of...• Remove the external storage device once a backup has been taken so that if ransomware does infect the computer, it won’t be able

Ransomware infographicITU - itu.int · ransomware detections were flagged as crypto-ransomware. a 27% increase since it was discovered. A ransomware variant seen in Russia that zipped

Is your data protected from ransomware? · vulnerability of your backup data due to shared networks. If your backup server gets infected or if your backup data is stored on a shared

Easy way to uninstall PadCrypt ransomware: Remove PadCrypt ransomware

Ransomware Survival: Prevention is the best …...Backup to an external hard drive Backup in two formats and keep a copy offsite Use bare metal backup and/or file and folder backup

Ransomware: Wannacry

Ransomware- success stories Triangle InfoSeCon · Ransomware Ransomware WannaCry,Petya,CryptoLocker,and TeslaCrypt are some of the more notable examples of such ransomware. In general,

Data Protection and Backup Software Test...Protection software extends on classical backup features to protect against malicious security threats such as ransomware and actively guarding

Malwarebytes Anti-Ransomware Administrator Guide · Malwarebytes Anti-Ransomware Administrator Guide 1 What is Ransomware? In the simplest terms, the name ransomware says it all

A QUICK GUIDE TO STOPPING RANSOMWARE...Deploy Backup and Business Continuity Recovery If there is a crypto ransomware infection, then the only recourse is to recover data and minimize

Are you ransomware-aware? · helped protect them from ransomware....of respondents NEVER backup their files. Those in the youngest age bracket (18-24) were the most likely age group

Registrant Outreach : Cyber Security Webinar€¦ · • Backup and Disaster Recovery IT Security Basics CYBER SECURITY THE BASICS 6 • Malware – Viruses, Ransomware, Cryptolocker

A Guide to Avoid Being a Crypto-Ransomware Victim › egov › documents › 1461770053...WHITE PAPER A Av tR 4 2. 3.3.Critical Data Backup If you have failed to stop ransomware from

Ransomware Tips to Help Avoid Ransomware Attacks · 2019. 5. 8. · installed the ransomware. Tips to Help Avoid Ransomware Attacks 1. Don’t click. Visiting unsafe, suspicious or

Infographic ransomware and backup

Ransomware - asecuritysite.com · Types •Locker Ransomware. Locks the computer. •Crypto Ransomware. Requires decryption key. •Master Boot Record Ransomware. Attack MBR so that

THE NEW CYBER THREAT AND HOW TO STOP IT - Acronisdownload.acronis.com/rc/Acronis Backup Service... · RANSOMWARE THE NEW CYBER THREAT AND HOW TO STOP IT RANSOMWARE: hackers hold your

LockBit Ransomware

Best Practices for Protecting Against Phishing, Ransomware ...security awareness training, data backup processes, strong internal control processes, implementation of technologies