Data Resiliency: Solution for the new-age ransomware attacks
As organisations move more of their data into the cloud, they are increasingly becoming victim to a sleuth of ransomware attacks which aim to compromise data stored in cloud services.
A recent report by Palo Alto Networks found that India witnessed a 218% increase in ransomware attacks on organizations in 2021. Another report by Thales said one in four Indian organizations suffered a ransomware attack last year, higher than the global average of 21%.
Today, ransomware gangs like Conti are causing customers more distress than ever as they attack an organisation but then refuse to deliver on their promise of providing unencrypted data in return for the ransom paid. Ransomware-as-a-service (RaaS) has allowed practically anyone to launch a ransomware attack. As ransomware prevention technology improves, so does ransomware sophistication. Organisations need to plan for such ransomware attacks laying emphasis on ransomware-specific disaster recovery and response scenarios.
In a multi-cloud environment, it is nearly impossible to defend the perimeter, which is why it becomes important to explore technologies such as Data resiliency.
Data resiliency is the ability to ensure an organization’s data is secure, accessible, and actionable. It proactively identifies, alerts, and responds to data loss or attack problems. Data resiliency works towards protection against new threats such as ransomware, insider threats, and supply chain attacks.
Gartner predicted that 70% of chief executive officers are expected to mandate a culture of organizational resilience by 2025 to protect against coincident threats from cybercrime and other unexpected events. There is a need to find a solution that can not only protect data but also unveil its value to the company. This is why business resilience has become dependent on data resilience.
Typically, a ransomware attack can start attacking an organisation’s backup files two months or more before the production data is even attacked. This makes the recovery that much harder because restoring an infected backup can reintroduce the malware into the system. This is where data resiliency comes in.
Data resiliency solutions ensure that data is protected and recoverable - via backup and recovery, replication, and disaster recovery - from traditional protection threats (user error, system failure, site disaster) and next-gen threats (ransomware, insider threats).
Shifting left on data protection, we must realize that as we continue ransomware-related conversations, one thing is clear- businesses, today, need a more comprehensive approach to data protection. This should include securing data against malicious actors and maintaining compliance. In the dynamic environment of today i.e. adoption of hybrid work culture, the rise of economic crisis, and the constantly changing geopolitical scenarios around the globe, the possibility for threat actors to attack using different ransomware strains is now.
It is imperative for organisations across the globe to re-evaluate their protection strategies and leverage the cloud for its proven scale, security, and capabilities that help safeguard data and reduce cyber risk. Moreover, it is imperative for all to work towards achieving resiliency of data and of the business.
Milind Borate
Milind Borate, CDO and cofounder, Druva