New Methods to Stop Ransomware Attacks

This report, published on September 24, 2020, was written by Jerome M. Wendt, president and founder of DCIG, LLC.

New Methods to Stop Ransomware Attacks

Ransomware represents one of the primary threats every size organization currently faces. The latest surveys reveal the percentage of businesses experiencing ransomware attacks may be higher than anyone initially thought. These statistics suggest it is only matter of when, not if, an organization experiences a ransomware attack.

While organizations may first turn to cybersecurity and backup software to prevent and recover from these attacks, new options exist. Among them, email data protection software and object-based networked storage offer organizations new and better ways to respond.

Inevitability of Ransomware Attack
Any organization that assumes (or hopes) it will never experience a ransomware attack better re-think that position. Recent reports reveal as many as 50% or more of US organizations have already experienced a ransomware attack.

An April 2020 survey published by the Safety Detectives found over 50% of US organizations experienced an attack in the past 12 months. A separate Cyber Insurance Claims Report by Coalition found a lower, but still disturbingly high, number of ransomware attacks. It estimated, based upon the number of claims, that 20% of all US businesses experienced a ransomware attack.

Whether one believes the higher percentage or the lower one, they both illustrate the high number of ransomware attacks. These serve to put organizations on notice to take steps to defend against them.

Cybersecurity and Backup Software Good First Steps
Cybersecurity and backup software represent 2 first steps every organization should take. Cybersecurity software may take the form of anti-virus software, firewalls, security incident and event management (SIEM) software. All these forms of cybersecurity software help to detect and prevent a ransomware attack from occurring in the first place.

Unfortunately, due to its rapidly changing nature, cybersecurity software cannot catch every strain of ransomware. Odds are some new strain of ransomware will elude detection and detonate. In this scenario, organizations should have backup software in place as a second line of defense to recover encrypted files.

Lingering Challenges
The lingering challenges with these 2 common methods used to defeat ransomware are as follows:
• Ransomware frequently enters an organization through an email message. Cybersecurity software may not always detect which attachments or links in an email message contain ransomware. Further, many email messages appear to come from legitimate sources. These include banks, government agencies, technology providers, and even from people within the organization. All it takes is one person to inadvertently open a file or click on a link and the ransomware launches.
• Backups typically only run once a day. Many organizations only back up their data once a day so any data created since the last backup may be lost. Further, depending on the solution, it can take some time to locate and recover the original data.

Closing Data Protection Gap
In response to these challenges, organizations now have access to new technologies that help close this data protection gap. They may find these in the following 2 forms:
• Email backup software that contains anti-ransomware capabilities. Organizations may deploy email backup software such as SpinOne Technology, Inc. that detects ransomware, stops it, and even restores encrypted files and emails. Designed to protect G Suite and Office 365 environments, SpinOne represents one of the first solutions to bring together email backup and anti-ransomware capabilities. By deploying it, organizations may detect and stop ransomware at the point where it most likely enters their organization: their email system.
• Use network attached, object-based storage systems. Organizations of almost all sizes use NAS for file sharing and data storage. Recently, object-based storage has entered this market offering CIFS and NFS interfaces to facilitate easy and fast deployment. Sometimes perceived as slower than NAS systems, object-based systems have significantly increased their performance in recent years using flash drives. Using flash-powered object-based storage in lieu of NAS systems gives organizations access to some of object-based storage’s more attractive features. Its data immutability and snapshots specifically stand out.

These 2 features help ensure that should ransomware attack, organizations may recover data since the system stores the data in an immutable format. Nasuni, Inc. stands out as such a solution that enterprises may deploy at scale.

Respect Ransomware’s Threat, Do Not Fear It
Ransomware rightfully causes concern for organizations of all sizes and they should respect the harm it can do. However, the threat ransomware presents should serve as a motivation for organizations to act.

Implementing best practices of cybersecurity and backup software along with these 2 new technologies from Nasuni, Inc. and SpinOne equip organizations with a robust defense against ransomware. By implementing these techniques, organizations may move from fearing a ransomware attack to confidently knowing that they are positioned to stop it and recover from it should one occur.