Cyberattacks and Ransomware Accentuate Need for Rapid Recovery

This blog article was developed as part of a paid customer content engagement between DCIG, LLC and Artitecta Pty Ltd, published on April 13, 2023, and written by analyst Ken Clipperton.

Cyberattacks and Ransomware Accentuate the Need for Rapid Recovery

• What would it cost your business if it lost access to critical business data and applications for a few days?
• What if that disruption lasted a few weeks, or months?
• What would that disruption do to your customers?

This nightmare has become all too real for thousands of businesses that have fallen victim to ransomware. According to many reports[i], material business disruption averages about 21 days with full recovery from a ransomware incident taking more than six months.

Many sources of downtime
Common sources of data loss and downtime include:
• accidental deletion or overwriting of files
• computer viruses and malware
• equipment theft
• fires
• floods
• hardware/system failures
• malicious acts
• other human errors
• power surges and outages
• ransomware
• software errors
• spills

Prudent business leaders take action to reduce the likelihood of experiencing any of the common causes of data loss and downtime. Nevertheless, failures will occur.

The key to achieving business resiliency is the ability to rapidly recover from any incident.

Cyberattacks and ransomware are now primary causes of downtime
While there are many sources of downtime, cyberattacks have become a major source of risk to businesses of all sizes and across all industries.

Cybercriminals have figured it out: your data is valuable. Disrupting business operations by denying access to data or threatening to release sensitive data to others can unlock large ransom payments from the victims of these attacks.

Cyberattacks can also result in payments to customers whose data is stolen by criminals. For example, thieves stole more than 447,000 patients’ names, Social Security numbers (SSN), and sensitive medical information from a Florida healthcare organization. In response to a class-action lawsuit, it agreed to pay up to $7,500 per SSN that was stolen.

Cyber insurance is one tool organizations can use to protect themselves from financial losses. Ironically, some cybercriminals now seek information about their victims’ cyber insurance coverage so they can tune their ransom demands to that coverage.

• Q: Why do cybercriminals target business data with ransomware attacks?
• A: Because that’s where the money is.

Startling statistics from recent ransomware and cyberthreats reports
Many enterprise technology providers and security experts have compiled data about the impacts they are seeing from recent ransomware attacks and other cyberthreats.

According to Acronis’ 2022 year end cyberthreats, “Ransomware continues to be the number-one cyberthreat for businesses, including government, healthcare and other critical organizations.”[ii] “No one is safe – email-borne attacks are targeting virtually all industries.” [iii] “More than 100 million accounts were breached in the third quarter of 2022, as found in a recent Surfshark survey.”[iv]

And these attacks are increasingly costly to their victims.
“The global average total cost of a data breach is now $4.35 million, having increased by another $110,000 this year. In the United States, the average total cost is nearly $9.5 million.” [v] “No matter the size or industry, data breaches can absolutely devastate an organization. In addition to the immediate impact on business operations, companies must contend with severe reputational damage and potential regulatory fines.” [vi]

From Cisco’s security outcomes report, volume 3: achieving security resilience
Nearly 2/3 of respondents reported suffering major security incidents that jeopardized business operations. The leading types of incidents were network or data breaches (51.5%), network or system outages (51.1%), ransomware events (46.7%) and distributed denial of service attacks (46.4%).”[vii]

These incidents cause wide-ranging costs to affected businesses. These include downed systems, response and recovery costs, brand damage, and legal costs or penalties.

f1

From IBM’s cost of a data breach 2022 report
“For 83% of companies, it’s not if a data breach will happen, but when. Usually more than once. When detecting, responding to, and recovering from threats, faster is better. Organizations using AI and automation had a 74-day shorter breach lifecycle and saved an average of USD 3 million more than those without.”[viii]

From Entara
“Entara was deployed recover a 450-server environment that had about 50% of its LUNs backed up with snapshots. The customer was able to operate its most critical, revenue-driving business applications in a few days because they had partial snaps. We spent the next few weeks restoring the remaining high-priority systems used for functions like monthly batch reporting. The whole project took no more than one month, while the customer with traditional storage and no snapshot capabilities took 3-4 months.”[ix]

Every business needs rapid recovery strategy
The question is not if your business will experience a ransomware attack, but when. Therefore, every business must develop and implement a strategy for timely recovery from a successful cyberattack attack before disaster strikes.

Callout: Don’t let a message like this ruin your day, week, month, or quarter:

Unfortunately, for organizations relying on traditional backup and recovery approaches, recovering from a ransomware attack in a few days would be considered a success. Recoveries often extend to weeks or months. Disruptions of these durations can easily result in business failure.

To be truly useful, a cyber resiliency strategy must recover the business to an operational state within the timeframes necessary to meet BC objectives.

Ultimately, the recovery strategy must enable business resiliency.

Create news wins through proactive data management
Because this issue has executive-suite and board-level awareness, IT leaders should approach the creation or updating of their recovery strategy with a broader awareness of the needs of the business. They should look for opportunities to create new wins rather than addressing this risk by merely bolting on another layer of technology and expense.

Implementing an effective recovery strategy will probably entail significant costs. However, the right solution properly implemented provides opportunities to create new value from data, leverage AI/ML to cut or avoid costs, and address emerging edge data requirements.

A solution that enables proactive data management can benefit the business by enabling:
• greater data visibility
• optimal data placement
• improved data availability
• provable compliance
• consistent data governance
• data workflow automation
• policy-driven data management
• the extension of enterprise data management to the edge

A data management solution that enables end-user access and self-service tools will enable greater scalability and agility for the organization by freeing end-users from relying on IT interventions to complete their priority projects.

Arcitecta enables business resilience at scale
Arcitecta is an example of a company that addresses both cyber resiliency and data management at scale, enhancing overall business resilience.

Arcitecta is a data management company, not a storage company. Its Mediaflux product virtualizes multiple underlying storage systems to create an integrated data environment that enables continuous inline data protection at scale. Its Point in Time solution solves the rapid recovery problem by enabling IT and end users to rewind any file or file system to a specific point in time without performing a restore operation. Intelligent search facilities help to reduce the RTO to near zero, even at scale.

Arcitecta’s Point in Time Ransomware Rapid Recovery Solution
Arcitecta’s Point in Time Ransomware Rapid Recovery Solution for M&E studios enables studios to quickly restore their media assets after a ransomware attack, minimizing downtime and avoiding the risk of data loss. Point in Time works across existing production storage systems, such as Dell PowerScale, making it easy to implement and cost-effective since no additional storage systems are required.

Wins that go beyond ransomware recovery
Arcitecta goes beyond ransomware recovery, addressing the challenges of data resiliency and effective data management at scale. It bases its Mediaflux product on an XML-encoded object database (XODB) to meet the data management requirements of research computing organizations. XODB is hyperscale database technology that integrates and operates on rich, arbitrary metadata.

Arcitecta and Mediaflux are proven in demanding at-scale data environments. Jason Lohrey founded Arcitecta in 1998. This company serves more than 300,000 active users at organizations in the life sciences, research, clinical, geospatial, M&E, and defense industries. Mediaflux users generate multiple petabytes of new data each month and move many petabytes for analysis each month … with no data loss or outages exceeding 3mn.

Guidance for business and IT leaders
Every business must develop and implement a strategy for timely recovery from a successful cyberattack attack before disaster strikes. Enterprising professionals will leverage this necessity to implement proactive data management that creates new opportunities for their organizations while mitigating the risks posed by ransomware.

About Arcitecta
It is an innovative data management software company. Founded in 1998, it builds a data management platform enabling thousands of users worldwide in some of the most demanding data-driven environments. Its flagship Mediaflux platform began with the vision to provide organizations with technology for handling all forms of data, from small to very large and complex. Today, it forms the foundation for managing the simplest and the most complex data for all sizes of organizations and global enterprises, empowering them to simplify data-intensive workflows and accelerate time to insight from their data to improve business and research outcomes.

[i]
[ii]
[iii]
[iv]
[v]
[vi]
[vii]
[viii]
[ix]