A CIO’s guide to beating ransomware and staying Available

Rick Vanover, director of technical product marketing and evangelism for Veeam Software, discussed how an organisation can stay Available during and after a ransomware attack – in the latest webinar hosted by Information Age.

Ransomware is a very serious topic impacting all types of organisations across the globe, suggested Vanover during his opening remarks.

Every organisation has, by now, undergone some form of digital transformation. As a result, the consumer expects any organisation to provide a seamless digital experience.

If something is not available in this digital environment, there is a ‘risk, impact and potential downstream consequences to a brand, a bottom line and more’, said Vanover. Regardless of ransomware, the threat posed by unavailability affects all IT services. But the situation is made worse by the ransom-based malware.

A survey from Veeam Software identified whether organisations have the right technology in place to keep things available and meet the expectations of their business. It revealed that 82% of organisations are experiencing an availability gap, and are unable to meet the uptime SLAs expected.

At the same time, 77% of organisations are expecting a protection gap, and are unable to protect data frequently or reliably.

Given these statistics, it is important to assess a business’s expectations of its data services: for example, what are the capabilities?

Downtime is inevitable and costly, seriously impacting the bottom line. Veeam has estimated that it costs the average enterprise $21.8 million a year, with a 36% cost increase year-on-year.

‘Everybody loses when it comes to downtime,’ said Vanover. And this comes in the middle of universal digital transformation, which gets disrupted because availability can’t keep up.

Ransomware is one of the main causes of downtime, and when it strikes, availability is reduced. Veeam deals with ransomware every day and argues that it is not just a PC problem, but a data centre problem.

WannaCry

‘What is ransomware?’, asked Vanover. ‘It’s a cryptovirology that locks an organisation out of their data and can affect people in many different ways.’ The WannaCry attack demonstrated this – people were not able to get access to healthcare.

There are many types of ransomware that often don’t make news headlines, and decrypting costs over a million US dollars per organisation. This loss of data control – caused by ransomware – is experienced by ‘half of all businesses in the US,’ according to Vanover.

The problem spans different locations and targets, and it is not just a Windows problem. There are notable examples on Android and iPhones. These vectors are working in every direction in every type of technology, explained Vanover.

Prevention

The number one prevention defence is user training, continued Vanover. As usual, attacks start from an end user.

Then on the response side, if ransomware gets inside, the only options are to restore or consciously lose that data.

Investing in an availability strategy is the last line, explained Vanover. ‘You can’t recover from ransomware without backup.’

He recommended that business leaders understand how data and authentication flow. This is the best way to prevent propagation of ransomware. ‘Where does the data sit?’ This learned visibility is crucial not only for understanding data flow, but also for recognising suspicious behaviour.

Alarmingly, Veeam’s ransomware poll found that 46% of businesses admitted to having a ransomware situation. 91% had their data encrypted, and of these, 2% admitted to paying the ransom, while 84% were able to restore without paying.

Resilient against ransomware

Vanover’s overall recommendation was to ‘pay now’ – but not the ransom. Ultimately, a business doesn’t want a choice between paying the ransom or losing the data. Invest now in an availability strategy – ‘pay now’.

He suggested implementing a notion of availability, with compliance and service availability built in. This enables broader digital transformation.

The number one technique for resilience against ransomware is offline storage. Tape is the most effective, and despite problems, its offline capabilities are unparalleled.

Other technologies, like replicated virtual machines, primary storage snapshots, Veeam Cloud Connect and rotating media provide a semi-offline offering for those companies that don’t want to integrate a somewhat antiquated technology into their operations.

Outlook

There is ‘no positive outlook other than to invest in resiliency and availability.’ The problem of ransomware is only going to grow; it will not organically fix itself. It presents an explosive risk when it comes to a business’s data.

To check out the latest webinar hosted by Information Age on A CIO’s guide to beating ransomware and staying Available, please visit: https://www.informationagehub.uk/guide-beating-ransomware-staying-available/

 

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...