BlogRansomware makes me WannaCry


There is a growing realization that organizations simply cannot fend off every cyberthreat and that some breaches are inevitable. Ransomware can be downloaded onto systems when unwitting users visit malicious or compromised websites. It can also arrive as a payload either dropped delivered as attachments from spammed email, downloaded from malicious pages through malvertisements, or dropped by exploit kits onto vulnerable systems. Preventing users from disclosing account passwords to phishing emails and other preventative measures is useful IT security hygiene but is not 100 percent effective. According to the US federal agencies, ransomware attacks can be expected to surmount password and other barriers. Recent research from Cybersecurity Ventures predicts that these attacks will cost the global economy 6 trillion annually by 2021!

As if installing Windows 10 updates aren’t stressful enough, fake Windows updates can now install ransomware on your computer. According to researchers at TrustWave, a recently discovered malicious email campaign is scaring users into installing “critical” Windows 10 updates. Spoiler warning: it’s malware.

Preventing a ransomware attack has become increasingly difficult, so ASG is helping our customers focus on ensuring they can quickly and easily recover from such an attack. This is the “peace of mind” that ASG delivers with S3 Object Lock in the new Veeam Availability Suite V10. To protect data from ransomware attacks, Veeam Availability Suite V10 and Cloudian HyperStore support the S3 Object Lock. The S3 Object Lock permits backup data copies to be made unchangeable for a set period of time, which prevents hackers from encrypting or deleting backup data. S3 Object Lock protects data from ransomware by making it unchangeable for a specified period, thus preventing encryption by malware. But probably the best part of incorporating Cloudian into a Veeam backup solution is it doesn’t require any special administration because it is extremely simple to manage.

Cloudian supports AES-256 server-side encryption for data at rest and SSL for data in transit (HTTPS). Fine-grained storage policies — including encryption at object and bucket-levels — permit security settings to be individually configured for different users or data types in a shared-storage environment. Also, Cloudian offers enhanced security features such as secure shell, integrated firewall, and RBAC/IAM access controls to protect backup repositories further. In the event of an attack, ransomware-locked files can be restored by Veeam using backup data from the on-premise Cloudian HyperStore appliance. These will be free of the ransomware infection since Cloudian Object Lock is certified to meet the nonrewriteable, non-erasable storage U.S. government requirements of SEC Rule 17a-4(f) and FINRA Rule 4511 for US government-certified data immutability.

S3 Object Lock provides a virtual air-gap that logically disconnects stored objects from connected commuter systems. In Object Lock’s Compliance Mode, stored data can’t be overwritten or deleted by any user (including the root account in AWS if you are using their cloud storage). There is no way to change the retention mode or to shorten the retention period, whether the S3 object storage is on-prem or in the public cloud. ASG, however, recommends using Cloudian HyperStore on-prem as restores are significantly faster than via the public cloud, not to mention being much less expensive in the long run over using public cloud storage. In fact, more US enterprises intend to buy object storage than unified file/block, SAN and NAS. This is according to the May 2019 IHS Markit Data Center Storage Strategies survey of North American enterprises. One reason is that a Cloudian back-end backup target is twice as dense as most SAN-based arrays, plus once the backup is on HyperStore, it doesn’t ever need to be backed up again. Essentially by incorporating HyperStore, you can cut your backup storage costs in half!

ASG can help you with these implementations, and save you significant money in the process. Contact us for details.

About the Author

Mark Teter, Corporate Technologist

Mark Teter, Corporate Technologist

In his role, Mark is responsible for the strategic direction of ASG’s emerging technology offerings and advancing the deployment of present-day hybrid cloud solutions for our customers. Mark has served as Faculty Staff Member at Colorado State University and has written over 50 white papers on subjects including Data Center Ethernet, Linux and Open Source, Storage Area Networks and Computer Virtualization. He published Paradigm Shift in 2006, a book on emerging technologies. He is a Google Certified Professional Cloud Architect.