Justin Giardina, chief technology officer for iland explains that, as the rest of the world adopts the cloud as their place of business and pleasure, we are becoming easy prey for a one of the most creative, conniving and vicious predators in the cyber world – the ransomware hacker. In his recent article, “Stealing Time from the Faulty Plan: Four Ways to Guard Against Ransomware in Clouds”, he explains that he does not want folks to go it alone, and is offering Four ways for users to guard themselves against the threat in the new year.
“Ransomware is a computer malware that installs covertly on a victim’s computer and executes a cryptovirology attack to demand a ransom for the hijacked data. A recent survey of 500 businesses revealed that nearly half have fallen victim to a ransomware attack within the last 12 months. Companies that suffer the most from ransomware attacks depend on instant and constant access to critical data and IT systems. As adoption grows for cloud-based mission critical applications, IT leaders are expressing growing concern about their ability to prevent ransomware attacks in the cloud and on-premise.”
Giardina explains that, ss ransomware attacks become more frequent, the methods are more sophisticated and harder to identify, and sites email as still being the number one attack vector.
“According to a recent survey85 percent of organizations admit to incurring three or more attacks a year. The threat is forcing organizations to maintain a robust disaster recovery and back-up plan, as well as deep security and multi-layered protection for cloud workloads.”
To his point, here are four ways to protect your organization against ransomware in the cloud:
- Create a cloud-based backup
The best defense against ransomware is to reduce your vulnerability. This means backing up important data daily and having a disaster recovery failover plan in place, so that even if your IT systems get locked, you won’t be forced to pay to see your data again.
While backups are useful, they won’t necessarily make a ransomware attack painless. If affected by ransomware, customers can restore data from a previous unaffected machine version backed up by their cloud service provider from a time before they were affected. However, while data is available, business as usual may not be restored until production systems are clear of any ransomware effects.
Cloud-based disaster recovery methods enable organizations to failover production to a cloud service provider during a ransomware attack and restore production systems within minutes or seconds. The most common method of providing fail-safe replication of data between two systems is journaling where the system software keeps a running list of storage “writes” in a special log file called a journal. This method providesgranular restoration of virtual machines from specific points in time to enable you to failover to a time before the ransomware attack.
- Advanced Cloud Security
To protect your organization against this rising threat, business leaders have to ensure that on-premise levels of security are available in the cloud. Threat protection features include anti-malware with web reputation, host-based firewall, intrusion detection and prevention, integrity monitoring and log inspection.
- Just say no
The primary method of infecting victims with ransomware is via email. According to a recent report, more than 90 percent of all phishing emails contain encryption ransomware. Cybercriminals can spam victims with emails that carry a malicious attachment or instruct them to click on a URL where malware surreptitiously crawls into their machines. Ransomware hackers are also using malvertising, which compromises an advertiser’s network by embedding malware in ads that are delivered through trusted web sites.
Employees must be trained and educated on how to spot such attacks and every organization must continuously spread knowledge about how to avoid becoming a victim.
- Multi-layer your protection
Some cloud providers offer multiple layers of protection against ransomware and other nefarious attacks. In addition to the advanced security features outlined above, other measures such as two-factor authentication and role-based access control ensure the highest levels of access security via the cloud.
Encryption technology is highly useful in protecting data along with vulnerability scanning, which performs periodic penetration testing to ensure that web servers and networks are not vulnerable to attack. Another factor to consider is multi-level network security, enforcing network segmentation to improve security.
As more workloads are virtualized and cloud computing is further adopted as our normal way of life, the sharks are getting smarter and more aggressive. We’re going to all have to get better in how we avoid them, or as Chief Brody said in Jaws, “We’re going to need a bigger boat.”
Learn more about Iland, and Justin Giardina by visiting www.iland.com