Posts Tagged ‘isolated recovery solution’

2016: Year of the Cybercriminal

Brian Heckert

Principal Content Editor, Dell EMC
My first long-term exposure to technology was the typewriter. I still love that invention, which really sparked my interest in writing. For the past 20 years, I have worked in high tech as a content development specialist, marketing writer, and documentation editor. Prior to working in the software industry, I was a journalist, photographer, photo editor, and military fire fighter. After hours, I enjoy spending time with family, reading, and hiking in the mountains.

US$1,000,000,000. That’s the estimated cost of ransomware to individuals and businesses in 2016. In the first quarter of 2016 alone, ransomware cost organizations US$209 million. Keep in mind that ransomware is just one type of cybercriminal activity. Although final numbers for 2016 are not yet known, based on the frequency and sophistication of the attacks so far, it’s likely that 2016 will end up as the most lucrative year on record for cybercriminals. The latest numbers show that there were more than 2 billion records leaked in 2016.

Here are just a few of the biggest cyberattacks in 2016:

Government
Even the U.S. government is not immune to cyberattacks. In February, the Department of Justice was attacked by hackers who published contact information of 20,000 FBI employees. That was just a day after the same hackers posted contact information of 10,000 Department of Homeland Security employees. Shortly after these attacks, the cybercriminals taunted the Feds, stating that they did what they said they would do.

High tech
Data from at least 500 million user accounts was stolen from Yahoo! users. The cybersecurity breach actually occurred in 2014 but was only confirmed by Yahoo! this past September. According to Yahoo!, “The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.”

Healthcare
Hospitals operated by the $5 billion healthcare provider MedStar Health were attacked by ransomware in March. Thousands of patient records could not be updated and in some cases could not even be accessed by healthcare staff. As a result, patients were turned away or were treated without important computer records.

Education
A data breach at the University of California, Berkeley, affected the institution earlier in the year, compromising the financial data of 80,000 students, alumni, employees and former employees. The hackers exposed Social Security and bank account numbers. The breach occurred when software was being patched.

No organization is immune
The attacks mentioned above are only a few of the thousands of cybercrimes that occur worldwide each day. Government, high tech, healthcare, education, etc.—no one is immune from a cyberattack. Clearly, if you’re connected, you’re vulnerable. Fortunately, there are precautions you can take to prevent a cybersecurity disaster. According to the Federal Bureau of Investigation (which is the lead federal agency for investigating cyberattacks), you can protect yourself and your organization from cyberattacks by: (more…)

Five Security Lessons We Can Learn From the Theft of the Death Star Plans

Jay Livens

Director, Product Marketing
Jay’s passion is technology. It started when he was a child and used to take apart flashlights and could not remember how to put them back together. You can imagine how that turned out especially when power outages occurred. However, Jay persisted and charted a course through life that included a lengthy stop in the financial services industry. After receiving an MBA from MIT’s Sloan School of Management, his path turned towards storage and he had stints with a storage reseller, a storage startup and a couple of big storage companies. After serving in multiple roles, Jay settled on marketing as his future career-path; however, he is not your typical marketer. All things technology intrigue him and he likes to know how things work, not just the marketing stuff, but how stuff really works. At Dell EMC, Jay runs field and channel marketing for the Data Protection and Storage Divisions in the Americas and looks forward to sharing his perspectives on his division, products and life in general.

Last year, I wrote about Six Management Lessons That IT Leaders Can Learn From Darth Vader and with the looming release of Star Wars: Rogue One, it is time to revisit the Star Wars universe.  Rogue One focuses on the theft of the Death Star plans, and in this blog post, I wanted to explore five things that we can learn from the Empire’s lax security practices.

Encryption Matters
In the opening sequence of Star Wars, we see Princess Leia inserting the Death Star plans into R2-D2.  The droid seemingly had no issues reading the data and later projecting 3D holograms of the information.  Unless R2 has some super-secret and highly advanced decryption capability, it would appear that the Death Star plans were not encrypted.  Hmmm, really?  These plans are for the most sophisticated battle station in the universe and the Empire forgets encryption?

Strong encryption limits access to critical data to those who have the encryption key.  This technology adds a layer of security because Rebel scum can only read the data if they have both the source files and the encryption key.  Thus the hacker needs to capture two pieces of data to gain access to private information.   A natural offshoot of this process is that key management is critical and that the most effective security strategies include both strong encryption and highly secure key management.  In a stunning turn of events, the Empire overlooked both of these strategies.

At Dell EMC, we offer a variety of encryption options including solutions for data at rest and in flight. (more…)

Security or Protection: Which One?

Vladimir Mandic

Chief Technology Officer & Distinguished Engineer Data Protection Cloud, Core Technologies Division, Dell EMC
Vladimir has been driving technical innovation and change within EMC for the past 10 years, first in the area of data protection software and, currently, in cloud technologies. Prior to that, he’s had rich industry experience as a solution integrator and in the service provider space. When not working on technology innovation, he may be difficult to locate due to his passion for world travel.

Ransomware
A long time ago I heard an anecdote that the highest level of security certification was given to a system that sat in a secure room and was isolated from a network. Today we live in a connected world, and that creates much bigger surface areas for security threats. As much as IT organizations would like to limit exposure, users expect unlimited access to both business and personal email, to be able to work with attachments, to surf the web, and to interact on social media.

Pandora’s Box has been opened
Although risk cannot be completely eliminated, it can and should be managed. In parallel, ransomware has emerged as a top cyber threat to business. The number of attacks and their complexity is unparalleled. These are not simple drive-by threats (such as a random user visiting a site that contains malware); instead, they are custom-designed to bypass an organization’s perimeter security and target specific high-value data sets.

The combination of open access and more advanced threats is something that requires far more attention!

Many organizations derive a false level of confidence from their investment in perimeter security: firewalls, authentication/authorization, antivirus solutions and encryption over-the-wire. When assessing security and protection, however, assume that the perimeter has been breached! The breach point is already beyond antivirus software and firewalls; it is now within authenticated systems where encryption becomes transparent. Do you know what your level of protection is?

How big is a Ransomware threat?
• Ransomware has headlined on FBI, DHS, DOJ, and NSA lists in 2016 and triggered multiple US Senate and Homeland Security questions that have resulted in FBI, DHS, and DOJ responses.
• It’s growing fast: At the end of Q1 2016, 93% of all phishing emails contained encryption ransomware. That’s a 763% increase year over year!

First, let’s look at the infrastructure
If you do control the infrastructure, be sure to take advantage of Isolated Recovery Solution (IRS) for systems such as EMC VMAX and Data Domain. IRS ensures that (a) you have a replica of your storage for fastest recovery, and (b) replication is enabled over a link which is air-gapped when replication is not occurring. That way, any corruption of primary data can quickly be recovered from an unaffected replica copy.

If you outsource your infrastructure (for example, by using the public cloud), does that mean security is no longer your responsibility? Remember, an IaaS provider takes responsibility for infrastructure availability and resiliency, but not for data validity. That means protecting your data on your core systems is your responsibility.

Regardless of the location or ownership of the infrastructure, you should be asking yourself these questions:
• Does it matter if we (or the provider) have certification XYZ.123 or not?
• In case of compromise, how do we recover data?
• Do we have a clean copy of the data that is isolated?
• How quickly can we recover?

Second-level safety is provided by having a well-designed data center protection strategy, including a backup solution, which provides an additional level of isolation for your data. That data should be secure and immutable, and it should be available for quick recovery to any point in time. Solutions such as EMC NetWorker or Avamar data protection software together with EMC Data Domain protection storage provide this level of protection. (more…)
