The horror of a ransomware attack
“We are being compromised by a ransomware attack” – The dreaded message that all executives fear receiving. Executives are losing sleep and they are at constant distraught over such incidents. Regardless of organization’s size; the availability of data, security of information, and privacy of intellectual properties are critical assets that are vulnerable to risk.
It’s no longer a question if an organization will fall victim to a ransomware attack, it’s just a matter of time before it happens. Business operations and customer services these day are gradually more IT reliant. Therefore, organizations should prioritize prevention & recovery measures for their IT infrastructure to ensure business continuity.
What are the risks?
What are the impacts for the organization when they became the latest victim of the flavour-of-the-week ransomware? The impacts can be measured by productivity, increasing cost, paying for ransom, and most importantly, reputation. All these impacts may directly or indirectly affect your revenue.
- Productivity – When your organization has been compromised, assets has to be confiscated for forensic purposes. This in turn will impede your productivity. The new product that you want to launch this year? That will have to wait.
- Remediation cost – Very often when an organisation has been hit by a ransomware attack, the remediation comes with a costly price.
- Cost of data recovery from backup tapes
- Cost of IT Security forensic
- Cost of additional training for employee to prevention measures
- Paying for ransom – Paying ransom will damage your business. James Trainor, former lead of Cyber Division at FBI Headquarters said “The principle reason why people pay the ransom is that they do not have a safe and secure separate backup, meaning that they have no alternatives. I think one of the bigger problems that companies have is that they haven’t really tested this type of scenario.”
- Reputation – Trust has always been the crucial to a business. It will be devastating to the company bottom line if they are the victim, since it will also signify that there is a gap in their security process and gave the impression that the public cannot trust this company to protect their confidential information and their money.
NAS is not a luxury but a necessity
Shared file system is not something new, since the creation of NFS few decades ago, it has become an important IT tool that organization depend on for their business and operation. In my first job out of college many years ago, there was a large NFS farm that served as a centralized storage for dozens of equipment in the factory floor to keep detail data of each component made at every stage of the manufacturing process. The data were collected to be analysed for quality control, process improvement and for identifying problem in the material. I couldn’t imagine an environment without the NFS to provide the service, maybe that’s why Sun Microsystems was selling like hot cakes at that time.
Maturity of Enterprise NAS
It is unavoidable to have an enterprise NAS, and at the same time, to be aware of the risks and impact it can have to the business. The good news is that there are solutions that can address the risk.
NAS has been in the market for decades and the technology is mature, secured and widely available. With NAS, it can deliver high performance storage services to the most demanding customer, enabling the user to focus on their tasks at hand. At the same time, the storage is able to provide advanced data protection, from the local snapshot, tiering of snapshot to another media and location, and replicating the data to a DR site, synchronously if the requirement demands it.
Antimalware Security from end-point to storage
In order to help addressing the malware and ransomware threats, the storage will comes with storage level anti-virus software to scan every piece of files that got save into the storage, only file that pass the virus scanning will be visible to the creator and other users. This will immediately prevent the storage becoming the distributor of malware and cease the spreading of viruses within the organization. But bear in mind, this solution should work together with the end point security software that the organization chose, storage anti-virus should not be the only solution.
In the event that one of the user’s computers was affected with malware and got triggered to start wiping the data in the computer as well as any connected share drives, the ransomware detection and recovery solution that bundled with the storage can detect the behaviour and use the black list of file name and type to quickly take action to revoke the access right of the user to prevent further damage. The user will only have read only access right and need to get the IT team to enable the write access after taking action to remove the malware in the computer.
One of the great features of the ransomware recovery solution is the capability to know what are the files and folders that got modified during the attack and able to recovery only those files from backup. In other less advance recovery approach solutions in the market, the recovery is from a point in time copy of backup, which effectively restore every files and folders from backup, regardless of whether it was affected by the ransomware. The modern ransomware is smart enough to maintain the attribute of the file, for example, owner, file size, timestamp of last access, this make it almost impossible to identify which file and folder were affected. If the backup is from 3 days ago, all work done within the last 3 days will be gone, and if the folder hold data for 500 users, that is a big productivity lost for the organization.
With the NAS bundle that includes comprehensive data protection, anti-virus and ransomware detection/recovery solution, CIO can rest assure that his data is secured, protected, and able to recover within a very short time if they were attacked.
There are other additional features in the solution that can also help IT organization in reducing the cost of storage by utilizing the efficiency of the storage as well as the innovative private or public cloud storage tiering solution.
Contact us with the link below for more details on our NAS bundling available.
