Site icon Cloudian

New Strategies to Stop Ransomware

The effort to stop ransomware is top of mind for IT managers. By one account, the number of reported ransomware incidents increased by nearly 90% year over year between 2016 and 2017, and experts are projecting continuing expansion of this threat in 2018.

The good news is that new approaches employ object storage to provide additional lines of defense beyond the traditional strategies you already know.

Traditional Strategies to Stop Ransomware Have Holes

Traditional strategies for stopping a ransomware attack usually seek to prevent an attack.

This often involves training programs for users, advising them to avoid “phishing” attacks such as emails whose senders are posing as trusted sources.

Another prevention strategy is to sniff payloads on email for known signatures of malware, or to monitor activities in systems to detect aberrant activities that might connote malware activation.

Finally, you can simply isolate critical systems behind additional layers of firewalls and password challenges to constrain the access of users and programs.

Stop ransomware to prevent this screen from ruining your day!

 

In the long run, these preventive solutions tend to be ineffective.  Users become inured to cautions about email hygiene, and technologies designed to block the inroads of malware are quickly rendered obsolete as signatures change rapidly.  Firewalls and other blockades irritate users and programmers, who eventually find ways to circumvent their protection for convenience.

WORM Protects Your Data in the Event of Attack

Attacks can strike even the best-prepared, making it essential to mitigate the effects of a successful breach.  Here, the best line of defense is at the storage layer, where the data is written.

The storage technology to preserve data integrity already exists. WORM, which stands for “write once, read many,” ensures that data, once written, cannot be changed or deleted until a specified time has passed. Because the data cannot be modified, it therefore cannot be encrypted, thus rendering the malware ineffective. No one, not even those with admin rights, can change the data, thus also protecting it from employees with malicious intent.

WORM technology is straightforward to implement: it is available as a system-level function of Cloudian storage.

WORM storage and versioning techniques can stop ransomware by preventing it from encrypting your data.

WORM-equipped storage can be deployed in three ways:

Data Versioning Offers Flexibility

Another option to stop ransomware is data versioning. This creates a new copy of the data when changes are made, while retaining the original copy for a specified period. Thus, if malware encrypts a file, a copy of the unencrypted file will still exist. The benefit of versioning is flexibility: you can erase the old copies at any time to retrieve capacity or comply with data governance rules.

Compared with WORM, versioning offers a lower level of protection: In theory, malware could delete the original, unencrypted data. But ransomware typically does not do this. After all, you can’t collect ransom for data that no longer exists.

Both versioning and WORM technologies provide protection where it matters: where the data resides. And they are both difficult to penetrate and easy to integrate.

Download the “stop ransomware” solution brief here.

Read more about Cloudian storage here.

Exit mobile version