Whoever said crime doesn’t pay obviously wasn’t a ransomware operator. Ransomware does pay, and it pays a lot. And with the growing popularity of tactics such as double extortion, ransomware is becoming even more lucrative.
A recent study analyzed ransomware attacks in North America and Europe and discovered that ransom payment averages have risen 171 percent year over year, from $115,123 in 2019 to $312,493 in 2020.
The same study found that prior to 2020, the largest known ransom payment was $5 million, but in 2020, one company paid $10 million to get the decryption key for their data. In another 2020 incident, a ransomware operator demanded $30 million for the key, twice the previous highest demand of $15 million, although it is unknown whether the company paid up.
These numbers—coupled with the increased frequency of ransomware attacks—may sound terrifying, but there is no need to sit back and wait to be a victim. Proactively implementing a comprehensive data protection strategy provides a layer of security to prevent attacks and a game plan for recovery if an attack succeeds.
Why Immutable Storage is an Essential Part of a Data Protection Strategy
One key component of an effective data protection strategy is immutable storage. Immutability means that once data is stored, it is impossible to overwrite, change, or tamper with it. This type of storage is essential because it plays a variety of roles in the IT environment.
As a disaster recovery solution, immutable storage provides clean data that can be restored after an unplanned disruption or cyberattack. From a data protection standpoint, it prevents accidental deletion and malicious data corruption (with some caveats—more on that later).
Immutable storage also provides compliance-friendly data retention, which is required for organizations in highly regulated industries such as healthcare and finance.
Why Immutable Storage Alone Isn’t a Solid Data Protection Strategy
Despite the many benefits of adding immutable storage to your data protection strategy, it absolutely should not be relied on as the sole means to prevent data loss and corruption.
Here are the top three pitfalls you can avoid by not making immutable storage the sole tool in your data protection toolbox.
Immutable storage should be your last line of defense, not your first.
You know what they say about an ounce of prevention. It may seem cliche, but this old adage is incredibly relevant when it comes to ransomware.
For a number of reasons, preventing ransomware attacks is always preferable to cleaning up the mess afterward. To name just a few ways ransomware attacks affect businesses:
- Sales and services come to a screeching halt.
- Employee productivity and confidence suffer.
- The company’s reputation takes a hit.
- So. Much. Money. Even if you don’t pay the ransom, there are remediation costs, security audits, regulatory penalties, legal fees, hardware and software replacement and repairs, and the list goes on.
In addition to immutable storage, be sure to invest in a technology solution that combines both cybersecurity and data protection. This will provide threat detection, neutralization technology, disaster recovery, and business continuity capabilities, while also minimizing complexity and increasing visibility.
Immutably storing corrupted data means you might recover corrupted data files.
As mentioned above, immutable storage does prevent data corruption, but with caveats. Some new ransomware strains specifically target backup files, which can have serious implications for disaster recovery.
Storing a copy of data that has been infected with ransomware means you are backing up and protecting the ransomware itself. Once the corrupted data is in immutable storage, it cannot be quarantined. When you try to recover this data, you end up reinstalling the malicious code as well, and you’re back to square one.
A single-layer defense is not really a defense.
With the huge number of threats organizations face today, implementing only a single defense layer is practically useless.
The only way to put an effective barrier between your company’s data and everything that is out to get it is by applying multiple layers of protection to ensure data stays secure and recoverable.
Immutable storage is one part of this equation, but at a minimum you will need additional security safety nets such as:
- Endpoint security around the backup infrastructure
- Malware detection scans for systems and data before and after backup
- Air-gapped backups
Immutable storage is an essential part of a comprehensive data security strategy, but it cannot by itself provide the level of protection needed to prevent data loss from a disruption or security event.
Between natural disasters, human error, evolving cyberthreats, and technology failures, the more safeguards your organization has in place, the better. For more disaster recovery tips, download "A Ransomware Crisis Plan is Now a Business Imperative" to learn how to mitigate damage from ransomware and other cyberattacks.