In the next 14 seconds, another business will become a target for a ransomware attack*. Could it be yours?
Ransomware is the first type of malware that actually generates revenue for the attacker. Companies hit by a ransomware attack are forced to pay a ransom – anywhere from hundreds to thousands of dollars –to unlock files that have been maliciously encrypted. Ransoms can range from $5,000 to $50,000 and beyond depending on the size of the company. Basically, it’s pay up, or face chaos. Or don’t pay up, and face chaos anyway. Once your files are infected, you could spend days, weeks, even months restoring business as usual.
Ransomware is a massive, insidious risk for all businesses.
Attacks spiked in 2019, hitting large companies and government agencies, crippling public services and causing major disruptions. Countless other assaults are damaging smaller businesses to the point where recovery is almost impossible.
Anyone can launch a ransomware attack.
It’s such a successful business idea that if you were that way inclined, you could get your own ransomware kit off the shelf for as little as $25. And there are plenty of soft targets, especially among small and medium-sized businesses. Since GDPR came into force in 2018, most businesses take steps to protect their data and ensure legal compliance with GDPR legislation. But against a determined malware attacker, is that enough to prevent an incursion?
Ransomware attacks cost business billions of dollars every year**.
For mid-sized companies, it’s around $713,000 a time. Total ransoms surged from $325 million in 2015 to a staggering $5 billion in 2017. By the end 2019, they were predicted to reach $11.5 billion. 71% of companies targeted by ransomware attacks have ended up infected – that’s roughly three in every four. And it won’t just be an isolated infection. Half of all successful ransomware attacks will infect at least 20 computers in the company.
There’s everything to lose. Ransomware offers a relatively low touch, low cost and successful attack method for criminals. Victims are left floundering to recover their data, either paying the ransom because they were unprepared or hadn’t made secure backups, or refusing to pay and accepting the loss of their data altogether. Around one in three companies affected will lose access to their data for five days or more. Even if you pay it, the price of the ransom is nothing compared with the resulting costs of downtime, loss of productivity, and potentially permanent loss of brand confidence. It could still take days or weeks to implement the hundreds or thousands of encryption keys needed to unlock your data. What’s more, substantial investment of time, money and human resources in enterprise infrastructure and processes would be needed to prevent future compromises.
The city of Atlanta, Georgia, a vital US transportation and economic hub took weeks to fully recover when it was attacked in March 2018. Many city services and programs were affected, including utility, parking, and court services. City officials were forced to complete paper forms by hand. This hack was the largest successful breach of security for a major American city by ransomware, potentially affecting up to 6 million people. Though the city declared that there was little to no evidence that personal data had been compromised, later studies revealed that the breach was worse than originally estimated. As late as June 2018, it was estimated that a third of the software programs used by the city remained offline or partially disabled. Many legal documents and police dashcam video files were permanently deleted and, for a while, residents had to resort to paying their bills and forms on paper. In response, Atlanta devoted $2.7 million to contractors in order to recover, but later estimated it would need $9.5 million.
It’s simple. If you get hacked your business grinds to a halt. Industry regulators will penalize you for loss of data, supply chains will be disrupted and customers will lose confidence. Countless other businesses that you deal with suffer the aftershocks. Ransomware attacks always have disastrous consequences, whether you’re a big city or a tiny rural start-up.
A free and open digital society creates the perfect opportunity for malicious malware attackers. Ransomware exploits the interconnectedness of digital networks and cloud computing and the masses of unstructured data they generate, such as media and entertainment data, surveillance data, geo-spatial data, audio, weather data, invoices, records, emails and sensor data. This data provides vital intelligence and experience to help a business develop smarter, more intuitive ways of working.
How can you protect yourself?
First off, remember that the sheer value of your data inevitably gives it ransomware appeal. So, every business is a potential target. Every business needs to make their data harder to corrupt and easier to recover. The best way to do that is to invest in a wide range of storage technologies, including cloud object storage, disk and tape, to reflect the value, scale and vulnerability of the data.
HPE has long been an advocate for using tape for large scale data storage and retention, particularly for the long-term. HPE StoreEver tape storage with LTO-8 technology provides a portfolio of data protection solutions that significantly reduce costs, are easy to manage and deploy, and can store data for up to 30 years.
“As data retention requirements continue to grow, organizations seek to grow their archival capacity while minimizing overall costs. While organizations have shown increased interest in disk-based and cloud storage for long-term storage and data protection, a recent survey conducted by ESG research found that almost half of respondents continued to leverage tape.
LTO tape technology has been shown to reduce up to 86% of total storage costs compared to disk systems and 66% lower than that of an all-cloud storage solution.”
But for all tape’s many attributes, the paramount benefit is this: data that is directly accessible across a network or via the web is vulnerable to cyberattack. Even backups stored on connected arrays or NAS devices are at risk. Keeping a copy of the data offline on tape, creates an air gap – a physical space that separates the online and offline space. As far as anyone knows, ransomware hasn’t yet learned how to jump!
Tape provides the ultimate longstop in your 3-2-1-1 backup plan – that’s three copies of your data, two backups on different media, at least one copy stored off-site and (crucially for building defenses against ransomware) one offline.
Tape is the most cost-effective long-term solution for storage of cold data. But more pertinently, it’s the only one that truly isolates more strategically important production data from a ransomware attack.
Every sensible data center storage management strategy should include provision for an inexpensive tape library because the cost of acquisition and management will likely be more than recouped in the event of a major ransomware attack (remember those financial damage estimates I quoted above).
Businesses that adopt a multi-layer data storage strategy, including LTO tape, will be best equipped to recover quickly not just from a ransomware attack, but from any action or event that puts the integrity of data at risk.
In short, you may not be able to stop a ransomware attack, but you can reduce the impact of its spread by keeping a pristine copy of your data on HPE LTO StoreEver tape.
* Source: CyberSecurity Ventures, 2019
** Source: Emisoft, 2019