Posts Tagged ‘ransomware’

Ransomware 101

David Tye

Product Marketing Manager
As a recent graduate from Sacramento State University I am able to take what I have learned in school and apply it to the high tech industry and the problems companies are facing today. I am a California native, die hard Green Bay Packers fan, and an outdoor enthusiast.

Ransomware is a worldwide phenomenon that is affecting users all around the globe. According to a recent study published by McAfee Labs, ransomware growth increased by 58 percent for the second quarter of 2015. For all businesses, small or large, the question is not “Will I be a victim of ransomware?” Instead, the question everyone should be asking is “Will I be prepared when ransomware attacks?” That said, falling victim to a ransomware attack is not the end of the world if you have a proper backup policy in place.
Ransomware first arrived on the scene in 2005. The first known ransomware strain was Trojan.Gpcoder, which affected Windows operating systems. Ransomware is comparable to humans in that it comes in all shapes, sizes, and colors. Ransomware attacks once used screen pop-ups that would notify users of the attack and the amount of money required to unlock a computer. Today’s ransomware attacks are more sophisticated than ever and use “unbreakable encryption.” That usually means if you do not have your data backed up you will not be seeing that data again (AKA you’re toast)—unless you pay the ransom. And paying the ransom does not guarantee that you will gain access to your data.

Ransomware can infiltrate and spread through your systems in a matter of minutes; all it takes is one wrong click. This type of malware typically enters a network through its weakest link, normally social media or an email with an infected link or attachment. Ransomware is an effective form of cybercrime because the attackers can instill both fear and panic in their victims. But there are other reasons as well: ransomware is easy to create and deploy. The good news is that we can all fight this sort of cybercrime with a thorough backup plan.

Security or Protection: Which One?

Vladimir Mandic

Chief Technology Officer & Distinguished Engineer Data Protection Cloud, Core Technologies Division, Dell EMC
Vladimir has been driving technical innovation and change within EMC for the past 10 years, first in the area of data protection software and, currently, in cloud technologies. Prior to that, he’s had rich industry experience as a solution integrator and in the service provider space. When not working on technology innovation, he may be difficult to locate due to his passion for world travel.

Ransomware
A long time ago I heard an anecdote that the highest level of security certification was given to a system that sat in a secure room and was isolated from a network. Today we live in a connected world, and that creates much bigger surface areas for security threats. As much as IT organizations would like to limit exposure, users expect unlimited access to both business and personal email, to be able to work with attachments, to surf the web, and to interact on social media.

Pandora’s Box has been opened
Although risk cannot be completely eliminated, it can and should be managed. In parallel, ransomware has emerged as a top cyber threat to business. The number of attacks and their complexity is unparalleled. These are not simple drive-by threats (such as a random user visiting a site that contains malware); instead, they are custom-designed to bypass an organization’s perimeter security and target specific high-value data sets.

The combination of open access and more advanced threats is something that requires far more attention!

Many organizations derive a false level of confidence from their investment in perimeter security: firewalls, authentication/authorization, antivirus solutions and encryption over-the-wire. When assessing security and protection, however, assume that the perimeter has been breached! The breach point is already beyond antivirus software and firewalls; it is now within authenticated systems where encryption becomes transparent. Do you know what your level of protection is?

How big is the ransomware threat?
• Ransomware has headlined on FBI, DHS, DOJ, and NSA lists in 2016 and triggered multiple US Senate and Homeland Security questions that have resulted in FBI, DHS, and DOJ responses.
• It’s growing fast: At the end of Q1 2016, 93% of all phishing emails contained encryption ransomware. That’s a 763% increase year over year!

First, let’s look at the infrastructure
If you do control the infrastructure, be sure to take advantage of Isolated Recovery Solution (IRS) for systems such as EMC VMAX and Data Domain. IRS ensures that (a) you have a replica of your storage for fastest recovery, and (b) replication is enabled over a link which is air-gapped when replication is not occurring. That way, any corruption of primary data can quickly be recovered from an unaffected replica copy.

If you outsource your infrastructure (for example, by using the public cloud), does that mean security is no longer your responsibility? Remember, an IaaS provider takes responsibility for infrastructure availability and resiliency, but not for data validity. That means protecting your data on your core systems is your responsibility.

Regardless of the location or ownership of the infrastructure, you should be asking yourself these questions:
• Does it matter if we (or the provider) have certification XYZ.123 or not?
• In case of compromise, how do we recover data?
• Do we have a clean copy of the data that is isolated?
• How quickly can we recover?

Second-level safety is provided by having a well-designed data center protection strategy, including a backup solution, which provides an additional level of isolation for your data. That data should be secure and immutable, and it should be available for quick recovery to any point in time. Solutions such as EMC NetWorker or Avamar data protection software together with EMC Data Domain protection storage provide this level of protection.