Would you talk a left and walk down this alley without a second thought? No? What if a colleague told you that there might be something good in there? Of course not.
Then why would you do it with an embedded link, PDF, or other document on your computer?
Ransomware is not a new term but it is often overlooked. Everybody is far more familiar with malware, viruses, and spyware. However, ransomware has risen in public consciousness lately as more businesses are faced with paying a ransom to regain access to their data. The FBI reports that nearly $18 million have been lost since early 2014 due to one specific threat: CryptoWall. This, however, is not the only ransomware threat. Reveton, Cryptolocker and TorrentLocker have claimed multiple victims and there will be more to come.
Ransomware follow a traditional ransoming scheme with one twist. Historically, prominent people or items were ransomed for large quantities of money or property. With ransomware, however, the amounts often range from only $100 to $10,000. Typically the amounts are smaller to help the perpetrators stay under the radar of authorities. If the ransom amount is small, companies find it is easier to just pay rather than suffer greater losses in time, productivity, legal costs, regulator fines, etc.
Why is ransomware so effective right now? We all are to blame. We fail to update our systems for new security enhancements and bug fixes. Many organizations’ change control policies leave open windows between a security release update and their application. Criminals exploit that window. The lack of reliable, up-to-date backups makes the attack more effective. Business aren’t sure they can get their data back, so they have to pay!
Small and medium businesses are most exposed because it is difficult to maintain in the proper protections. Often companies look at costs for security and backup software as a luxury and build a homegrown solution. While manually/scripting database dumps to a locally attached NAS (Network Attached Storage) system or the cloud may work for daily operation, but it doesn’t protect against ransomware.
Ransomeware helps us remember why traditional backup is still relevant. Ransomware can replicate itself out to network storage and other systems, propagating and encrypting everything it touches. While snapshot-based protection techniques make the data immediately readable without the necessity reconstruction or proprietary formats, it leaves the data exposed. Backing up your environment has never been more important and ensuring you are doing it correctly, based on industry best practices, is a must. One size and one technique won’t address all your challenges.
Why is somebody from EMC’s Core Technology Group writing about ransomware? We will not be scanning for malware, virus or ransomware signatures. We won’t keep your users from walking down the dark alley. But we will keep your data safe and recoverable. We are your protection of last resort. Your data will be there, secured, consistent and recoverable. EMC now has a Special Ops Team to deliver Isolated Recovery Solutions (finally – a good IRS).
This team is comprised of some of the best minds across EMC ecosystem and designed specifically to help protect the world against data threats. Their expertise spans the primary storage, data protection and implementation to help you fully understand these types of dangers and how best to defend against them. They can help you understand planning and design, data isolation and replication, data validation, and advances in restore and recovery. You will learn more about concepts like Air Gapping, physically isolating secure and unsecure networks from each other and how a complete and true disaster recovery plan can help to minimize or eliminate the impact any attack can have.
Go HERE for more information on this team and what they can do to help you protect your business from the Various Nefarious out in the cyber world.
Steven Weller @