Ransomware: What If It Happens To You
News of the recent ransomware attack on Colonial Pipeline, which disrupted the fuel supply in the Eastern U.S., and the company’s $5-million payment to cyberthieves brought concerns about ransomware to the forefront for many company owners and managers. Could it happen to them? Data is the most valuable thing an organization owns and the most important thing to protect.
To complicate the recovery of Colonial, the company had to continue using backups to restore data because the decryption code the thieves supplied was so slow. The astounding ransom payment didn’t even result in a quick resolution.
Ransomware has become a lucrative effort for cyberthieves. From its early days of misspelled emails that were obviously fakes, it has evolved into compelling and convincing fake emails that appear to be from someone you know, plus software updates, spam, web pages, free software downloads, complimentary thumb drives or charging cords, and even web-based instant messages.
Chances diminish daily that any company will avoid an eventual attack.
Ransomware Attacks By Months
Ransomware blocks access to your data by encrypting it so you can’t open or access your files. The attacks are difficult to protect against or detect early. Even when detected, it’s difficult to stop them before they have encrypted a significant portion of your network. Attackers then demand a ransom (often in bitcoin) in exchange for a decryption code to restore access to your data.
From the attacker’s point of view, their success depends on your inability to restore access to your data unless the ransom is paid. They often target backups first to limit your recovery options. As in the case of Colonial, relying on backups can result in downtime, data loss and is an arduous process that could take weeks or even months. It seems reasonable to conclude that there is no impenetrable ransomware defense, although anti-ransomware tools will fend off attempts and, if kept up-to-date, help keep your infrastructure secure and defend against cyber-attacks.
Ransomware Attacks By Industry
Since it may not be possible to completely keep ransomware out, stopping an attack depends on protecting the data. If your files are stored on a legacy-type network server and need to remain accessible to be worked on, they are particularly vulnerable to attack.
But there is a way to store your files in immutable data architecture (once stored, they cannot be changed, edited or overwritten) and make them resistant to attack. Immutable data storage is unaffected by an attack.
Immutable data is made possible by smart hybrid cloud file system technology like Panzura CloudFS. The user experience is just like a local file experience, but the CloudFS global cloud file system stores file data as immutable blocks in cloud object storage – a single authoritative data set that every user in the organization, regardless of location, works from. As files are created or edited, changed data chunks are moved to object storage. The data blocks are further protected by snapshots that are taken at configurable intervals. The data blocks are impervious to all forms of malware.
When a ransomware attack occurs, malicious code encrypts your files. Panzura recognizes altered file data, and the resulting encrypted files are written to the object store as new data.
Since existing data is preserved as original objects in the object store, any file encrypted by a ransomware code can be immediately reverted back to its state prior to infection, using the snapshots. This can be done for a single file, entire directories or even the entire global file system, rendering ransomware attacks harmless for your business and futile for the attacker. Accessing your data is as easy as restoring it from a snapshot.
As a result, Panzura users do not pay ransoms. The data protection inherent in the immutable data infrastructure offered by hybrid cloud solutions like Panzura have become so valuable that savvy decision makers rank them alongside other total cost of ownership considerations.
Keep in mind, not all immutable storage solutions deliver on the immutable part. Just as it’s important to regularly test your backup solution to make sure it can deliver when needed, you need to know your immutable file system can stand up to the worst of events. Year after year, the Panzura global file system has demonstrated its unique ability to shrug off the harshest of attacks.
As a digital transformation specialist, I’ve seen the damage caused by a bad actor in a ransomware situation – the havoc caused to a client’s entire national environment. The Panzura global file system not only survived, it was the leading reason the client was back in business as quickly as they were. The potential recovery time of days or weeks was quickly switched to minutes and hours. My advice: Don’t just recover. Recover quickly and easily.