Whoever said crime doesn’t pay obviously wasn’t a ransomware operator. Ransomware does pay, and it pays a lot. And with the growing popularity of tactics such as double extortion, ransomware is becoming even more lucrative.
A recent study analyzed ransomware attacks in North America and Europe and discovered that ransom payment averages have risen 171 percent year over year, from $115,123 in 2019 to $312,493 in 2020.
The same study found that prior to 2020, the largest known ransom payment was $5 million, but in 2020, one company paid $10 million to get the decryption key for their data. And although it is unknown whether the company paid up, in another 2020 incident, a ransomware operator demanded $30 million for the key, which is twice the previous highest demand of $15 million.
These numbers—coupled with the increased frequency of ransomware attacks—may sound terrifying, but there is no need to sit back and wait to be a victim. Proactively implementing a comprehensive data protection strategy provides a layer of security to prevent attacks and a game plan for recovery if an attack succeeds.
One key component of an effective data protection strategy is immutable storage. Immutability means that once data is stored, it is impossible to overwrite, change, or tamper with it. This type of storage is essential because it plays a variety of roles in the IT environment.
As a disaster recovery solution, immutable storage provides clean data that can be restored after an unplanned disruption or cyberattack. From a data protection standpoint, it prevents accidental deletion and malicious data corruption (with some caveats—more on that later).
Immutable storage also provides compliance-friendly data retention, which is required for organizations in highly regulated industries such as healthcare and finance.
Despite the many benefits of adding immutable storage to your data protection strategy, it absolutely should not be relied on as the sole means to prevent data loss and corruption.
Here are the top three pitfalls you can avoid by not making immutable storage the sole tool in your data protection toolbox.
You know what they say about an ounce of prevention. It may seem cliche, but this old adage is incredibly relevant when it comes to ransomware.
For a number of reasons, preventing ransomware attacks is always preferable to cleaning up the mess afterward. To name just a few ways ransomware attacks affect businesses:
In addition to immutable storage, be sure to invest in a technology solution that combines both cybersecurity and data protection. This will provide threat detection, neutralization technology, disaster recovery, and business continuity capabilities, while also minimizing complexity and increasing visibility.
As mentioned above, immutable storage does prevent data corruption, but with caveats. Some new ransomware strains specifically target backup files, which can have serious implications for disaster recovery.
Storing a copy of data that has been infected with ransomware means you are backing up and protecting the ransomware itself. Once the corrupted data is in immutable storage, it cannot be quarantined. When you try to recover this data, you end up reinstalling the malicious code as well, and you’re back to square one.
With the huge number of threats organizations face today, only implementing a single defense layer is practically useless.
The only way to put an effective barrier between your company’s data and everything that is out to get it is by applying multiple layers of protection to ensure data stays secure and recoverable.
Immutable storage is one part of this equation, but at a minimum you will need additional security safety nets such as:
Immutable storage is an essential part of a comprehensive data security strategy, but it cannot solely provide the level of protection needed to prevent data loss from a disruption or security event.
Between natural disasters, human error, evolving cyberthreats, and technology failures, the more safeguards your organization has in place, the better. For more disaster recovery tips, download A Ransomware Crisis Plan is Now a Business Imperative to learn how to mitigate damage from ransomware and other cyberattacks.