Do you sweat the threat of ransomware? Save the sweat for your workout.
Ransomware attacks are more common than you might think. With growth rates seven times higher or higher in 2020, Gartner estimates that by 2025 at least 75% of IT organizations will face one or more ransomware attacks. According to the 2020 FBI Internet Crime Report, the organization received around 2,500 ransomware complaints in 2020, up about 20% from the previous year. The collective cost of attacks reported in 2020 was approximately $ 29.1 million, up more than 200% from $ 8.9 million in 2019. Even after the ransom is paid, organizations do not not always recover their data and the costs to the organization may disappear. well beyond the ransom itself.
Why ransomware makes you sweat
Ransomware is a term we hear a lot more these days. All cyber attacks can be damaging, but ransomware attacks usually pose the greatest risk because they target an organization’s most valuable property – its data. These malicious programs allow a third party to access and encrypt files, delete the originals, and threaten to delete the only remaining (encrypted) copy of the files if the ransom is not paid. These attacks are common, happen quickly, and can be debilitating to the victim’s cloud files. They often render an organization’s services, applications, or sites inoperable.
But paying the ransom doesn’t always minimize the damage. Even when paid for, there is no guarantee that the data will be recovered or that a decryption key will work. Additionally, it can take weeks after an attack to fully assess and rectify the losses. The damage doesn’t just come from the ransom itself and the associated downtime. Costs can include rebuilding servers and workstations, lost opportunities and damage to reputation. Here are some recent examples:
In 2018, the city of Atlanta was hit by the SamSam ransomware. A month after the attack, the cost of recovery was nearly $ 3 million as the city had not fully recovered.
In 2019, hackers blocked the local government in Jackson County, Georgia, from their computer systems with the Ryuk ransomware.
In 2021, REvil, one of the most aggressive ransomware groups, exploited a vulnerability in Kaseya’s remote management service VSA, with around 50 customers, which further infected 800 to 1,500 others. companies. REvil asked for $ 70 million for a universal decryptor.
Not being able to access critical data can have serious consequences not only for the organization itself, but also for its end customers.
Why ransomware targets the cloud
Ransomware is increasingly targeting the cloud for three main reasons:
- Business data moves to the cloud. The cloud is home to a treasure trove of data. Not only for organizations that strive to turn their data into actionable information or to sell information, but also for cybercriminals who recognize them as a target on which they can ransom.
- Cloud services are crucial for business continuity. Ransomware attackers focus on critical and irreplaceable workloads that organizations will be tricked into paying the ransom to free. For many, these are in the cloud.
- Cloud resources are shared by many. If the cybercriminals manage to take hostage an entire server owned by a cloud provider and used by many organizations, they can increase the ransom amount obtained with a single attack.
Since the underlying public cloud infrastructure is secured and managed by the cloud service provider, many mistakenly assume that the threat of ransomware in the cloud is less than in a private data center. Unfortunately, it is not the case. All major cloud platforms operate on the basis of a model of shared responsibility for the security and compliance of the services offered.
Google Cloud advises its customers that it is their responsibility to keep virtual machine (VM) operating systems and applications up to date to avoid potential infections such as ransomware. Like a private data center, customers have unlimited access to virtual machines and their guest operating systems, which means issues like patching are just as important and complicated as in a private data center.
The public cloud is not immune to ransomware infections, and prevention and remediation remains the sole responsibility of the customer.
The first layer of protection with Google Cloud VMware Engine
Investing in Google Cloud VMware Engine and NetApp® Cloud Volumes ONTAP® can help avoid data lockdown and its impacts at scale.
Many organizations have made significant investments in VMware tools and skills to form the cornerstone of their corporate IT environments. With the explosion of the cloud in recent years, companies have also started to integrate cloud computing as a key part of their IT strategies and are now eager to run their VMware applications in this same environment.
Google Cloud VMware Engine enables organizations currently running VMware on-premises workloads to continue to leverage their existing investments in VMware while seamlessly migrating to Google Cloud. With Google Cloud VMware Engine, businesses can increase the agility and availability of their business without reorganizing or refactoring their applications. Teams can use the same tools, processes, and policies to maintain business continuity while avoiding data center management, hardware refreshes, and supply cycles.
But when virtual environments migrate to the cloud, ransomware will certainly try to keep up.
NetApp Solutions for Ransomware Protection in the Cloud
NetApp Cloud Volumes ONTAP is a software-defined storage offering that provides advanced data management for your VMware workloads running in the cloud on Google Cloud VMware Engine. NetApp Cloud Volumes ONTAP provides integrated ransomware prevention, detection and remediation options to help enterprise customers effectively mitigate and recover ransomware infections in the cloud.
- Quick recovery. The costliest aspect of a ransomware attack is the downtime to get your data back online. NetApp Immutable Snapshot ™ copies restore terabytes of data in seconds, not hours.
- Safety in layers. NetApp features such as SnapMirror® replication software technology and volume replication allow you to replicate your snapshot backups to multiple locations (DR site, cloud, secondary system) for enhanced resiliency.
- Risk mitigation. NetApp services and tools provide visibility into the security of your data and offer options to mitigate potential risks.
Stay Protected with NetApp Cloud Volumes ONTAP
Large businesses and government agencies rely on Cloud Volumes ONTAP for consistent, cost-effective backup and restore services, knowing there is no question about the remediation process or how much it will cost to restore data. Save sweat for your workout with NetApp cloud data protection solutions.