360 View of Ransomware and Prevention Methods
Go Back
Ransomware

360 View of Ransomware and Prevention Methods

The Co-founder of Assurance IT, Luigi Tiano and the Senior System Engineer from Veeam, Brandon McCoy got together for an interview about cybersecurity and protection. This is part one of the interview where they do a complete 360 view on ransomware and prevention methods. They reveal how Assurance IT’s EPR Methodology helps companies with ransomware, which verticals are at the most risk, how vulnerabilities in businesses are taking over their data and even more. Keep reading to get the best insight on how to protect your business. 

Topics Covered:  

  • How Assurance IT's EPR methodology help companies with ransomware
  • How ransomware started and how far it's gone today
  • Bitcoin, cryptos
  • The Dark web
  • Ransomware as a service
  • Which verticals are at the most risk?
  • Manufacturing
  • Healthcare
  • Education
  • Everyone
  • Vulnerability in businesses and their cyber risks
  • Small businesses
  • Mid-size businesses
  • Strategies
  • Why Veeam is proactive and how the 3-2-1 backup rule is essential for enterprises
  • How much can you afford to lose?
  • Latest Veeam Backups
  • Immutable backups
  • Storage platforms

  • Tapes or cloud backups? Which one?
  • Old tapes, new backups or both?
  • Which one is easier?
  • Backup VS replication in your business continuity plan
  • Onsite? Offsite?
  • RTO, RPO
  • Instant recovery
  • Active directory

HOW DOES THE EPR METHODOLOGY HELP COMPANIES WITH RANSOMWARE? 

LUIGI:  

So just a little about what's going on this morning, we're conducting a series of interviews with industry leaders, like yourself, thought leaders, as we call them, experts in the field, discussing data protection, discussing how to protect the enterprise in today's world, the evolution of ransomware. Essentially what the data protection enterprise, what we do is we help companies protect their enterprise as a whole, right? We have a methodology that we follow this methodology we call the EPR methodology, educate, protect, recover. We help educate the end users, the end clients, we help them understand what a ransomware attack may look like, what a cyberattack may look like.

Of course, we layer on the protection and protection can be anywhere from a cybersecurity solution to of course, Veeam data protection, not only on-prem, in the cloud, we layer on replication or disaster recovery as a service on top of that. And then last but not least, we have the recover aspect where we help companies restore their operations in the event of some kind of physical, digital or cyber disaster. So that's, that's the methodology we use with a lot of our customers. It's a maturity, maturity model that we layer on. And that's kind of why I wanted to talk to you a little today about you know what you've seen, when it comes to ransomware. So, let's dive into ransomware.  

HOW RANSOMWARE STARTED AND HOW FAR IT’S GONE TODAY 

LUIGI:  

Specifically, in your experience, what have you seen from the evolution of ransomware? What's been your experience over the last, let's say, three to four years?  

BRANDON:  

Sure. Well, ransomware has been around a lot longer than I've been in the industry. Actually, I think right around the time, I was like nine or 10 years old. It kind of evolved in the early 2000s, to a little more anonymous with the use of bitcoins, the ransomware still wasn’t that great, they were pretty, pretty simple. But, you know, with the anonymous, anonymous and anonymous anonymity of your hardware, um, you know, these bitcoins in cryptos, it became a lot more valuable for people to do this.

In today's world, we see ransomware as a service, believe it or not, so third party data centers, you don't even really have to know how to write code or be a hacker, you can just, you know, go on the dark web and, and purchase these codes. And so, it's a lot easier. And they're everywhere, they're popping up, you know, seems like almost every day now, unfortunately, that's interesting.  

This image has an empty alt attribute; its file name is ASSURANCE-IT-MANUFACTURING-1024x768.jpeg

WHICH VERTICALS ARE AT THE MOST RISK?

LUIGI: 

You mentioned as ransomware as a service, I heard something about that, right? So, you actually, if you want to attack a company, you can go out there and just buy a service and then just target your combat cents.  It's interesting how the world has become such a nasty place. So, what are specific verticals you're seeing that are impacted? Run? And I'm just curious about that?  

BRANDON:  

Yeah, that's a good question. There's this kind of motto, if you will, any. Everyone is at risk. Every vertical, every sector. Right now, of course, you see the big ones like the healthcare industries, banking, government, finance, you know, those are the big targets. Those are the real sophisticated hacks, usually a lot of times coming from state sponsored terrorist hacking organizations. But then you've got the small ones to write the small run rates where it's just some maybe small business and all they're going to ask for is 500 bucks, you know, maybe your personal email account gets hacked, and they just ask for a couple $100. So yeah, everybody's at risk.  

VULNERABILITY IN BUSINESSES OF THEIR CYBER RISKS 

LUIGI:  

Wow, it's sad to say because I mean, initially, you know, a lot of larger corporations are probably good day, you know, they've been prime targets, right. But I think as you as data has become so valuable to everyone, right, small, mid-size, you know, this doesn't matter how big your business is, but data is very valuable. So, anyone's been more has become a target. What's like a crucial thing that you talk to when you talk to businesses? Right? I mean, is it safe to say that a lot of businesses know what ransomware is? I'm just curious as to what you see, when are businesses aware of ransomware? Or like, is relatively new? And you talk to him about it?  

BRANDON:   

Yeah. So that's a good question as well. So, here's what I can tell you. Usually, when we talk to people, now, I usually work with service providers, so they are more aware, but from the end users that they're, you know, protecting or offering services to, I do a lot of these joint webinars with our partners, and I've been doing ransomware webinars for years. And at some point, I feel like man, there's, nobody's going to show up for these because everybody knows what ransomware is by now. But we get hundreds of attendees every time.

Maybe they've heard of ransomware, but they don't really understand the impacts. And a lot of times, like you said, they think it's these big businesses. You know, my I'm not going to be I don't have anything to worry about. I'm a small shop, you know, so definitely, you know, the depth of ransomware. I think people don't understand how serious it is, and a lot of the tips and strategies to mitigate it. Maybe not as prevalent as just knowing about ransomware as a whole. 

WHY VEEAM IS SO PROACTIVE AND HOW THE 3-2-1 BACKUP RULE IS ESSENTIAL FOR ENTERPRISES 

LUIGI:  

Yeah, that's exactly my experience. And my in my opinion, you know, it's, a lot of people have the mindset, well, I don't have anything valuable for anybody to take away. And then that's kind of like, and I wouldn't say an oversight, but perhaps, you know, being a bit naive as to how valuable your data or business is, right? It all comes down to how much can you afford to lose? How much can your business afford to lose, frankly, and again, that comes back to what we talked about earlier I mentioned earlier is education, right? Awareness, you know, I think the end user is kind of so focused on their day-to-day job, that they don't understand the impact of what a ransomware attack could look like, and what it can do ultimately to their business.

What is Veeam doing to curb that ransomware attack, or I guess, make customers more aware? Or what kind of solutions are you putting out there? I mean, I know what they are, but maybe you just kind of, you know, tell us a bit more about them.

  

BRANDON:  

I think people kind of confuse the two. There are some blurred lines of proactive and reactive ransomware strategies. Veeam is definitely more of the proactive, right? Of course, now we have best practices will help you, you know, get set up and make sure you're doing you know things right, but we're really taking this from, if you get hit by ransomware, don't worry, because we've done XYZ, right. And so, some of those things are security of the repository. So, for instance, in the last few versions, we've released immutable backups. So, we have a variety of storage platforms for on prem and in the cloud, where you can make your backups immutable, meaning that they are read only, you can't write to them. 

Therefore, ransomware can't encrypt, and you can't delete them. Sometimes ransomware can be a malicious employee, right? Or it could be just a mistake. So, you know, another thing is what we call the 3-2-1 rule and that means having three copies of your data on two different devices with one off site. We provide these strategies to have copies of your backups to be able to verify your backups and protect those backups. So that if ransomware does hit, we may be able to defend against at least your backups, right? Your production data may still get hit. But at least you've got a copy of that data in two locations, and it's safe, and you know that it'll work when you need it.  

 TAPES OR CLOUD BACKUPS? WHICH ONE? 

LUIGI:  

I'm glad you bring in the 3-2-1 rule. So that's an interesting point because we can't talk enough about how important that is right. So, are you having you, obviously I mean, we've there's been an evolution where, you know, companies typically store their data on prem, they've got their primary target, and they've got your obvious tape backup, they want to call it right? And then they obviously have the service that comes in, pick up the tapes. I mean, it is, if you have to give me a number, you know, we added assurance if we've actually digitized that entire process, we do is we obviously we've created a call Connect piece where customers can send the data off site, and that really kind of replaces the tape aspect of things.

Still three to one, of course, but just digitize the entire process and making it easier for companies to recover because they don't have to call the tape service back and so on. So, once you if you have to give me a percentage, I mean, our customers still in, you know, are they still tape based? Are they using cloud services? Like us? Or both? What are you seeing in terms of, you know, mean, percentage wise? 

BRANDON:  

Yeah, that's a good question. I don't run across too many tape customers. But when I do, they're pretty hardcore about wanting to use tapes. And I think that could just be you know, again, I'm kind of newer in the industry. So, tape has been around for a long time. Tape is cheap. And you know, it is disconnected from the internet, right? If it is, it's ejected, then you can't get to it at least virtually, right? You could get to it physically, maybe. Yeah, tape is, you know, it's a little cumbersome.

It's not the best thing to restore from, one of the things I like about Cloud Connect is it’s an off-site copy, there's lots of ways you can protect that data. And it's just as easy to restore, you have the same options, right? You don't have to load a bunch of tapes and do any kind of staging. So yeah, a lot of people I think, are kind of going away from tapes and going to an off-site, like a Cloud Connect or something like that.  

This image has an empty alt attribute; its file name is ASSURANCE-IT-BACKUP-VS-REPLICATION-1024x722.jpeg

BACKUP VS REPLICATION IN YOUR BUSINESS CONTINUITY PLAN

 

LUIGI:  

Yeah, one of the things I find with tape as well, Brandon is, customers don't do any resource, they'll put the date on tape. And they'll put it somewhere off site for a while. And then like you never appears it's not around; they just don't write they don't have the will to kind of just do a restore and make sure that the integrity of the data is actually there. So that's, that's something that I've heard of as well often, where customers will do a restore, let's say in a year from now, or six months from now, you know, someone on some archive data, and it's actually unreadable for some reason or another, you know, it doesn't always happen. But you know, I guess when you digitize it from our, from our perspective when digitized, and it's always there, always available. 

So, it really makes it really, obviously helps from a business continuity perspective, right, being able to prove really quickly that hey, yeah, your data is available. And yeah, we can restore it pretty quickly. I talked a little about business continuity as a whole, right. So obviously, ransomware is, you know, a really hot topic nowadays, but have a business continuity. Right. So Veeam offers backup, and they also offer replication. So, when you talk when customers come to you and ask you about business continuity, this is the conversation immediately shifts to replication or this backup part of that it is it layered on how do you talk about that when customers are brought to talk? 

BRANDON:  

Yeah, sure. So unfortunately, those are one of those words that get kind of tossed around, right? A buzzword business continuity, disaster recovery, the cloud, and you really have to focus in on well, what does that mean? And that's kind of our job and our partners jobs is to sit down with the partner and like you said, how much data loss can you afford? We have words like RTO and are acronyms like RTO and RPO. Right recovery time and point objectives we can get into if you want, but business continuity is more than the replication piece, or at least some features like instant recovery.

Business continuity is, you know, yes, I can restore from all these backups and in a specific amount of time. But what if I need to just flip a switch? Right? What if I've got these tier one applications? I can't afford any, you know, large recovery time objectives, I need to be up and running in seconds. And when you start, you know, walking through that process with the customer, okay, well, we've got your machines, but what about your Active Directory? What about your DNS, you know, how are the machines going to be reachable? What about your different networks? There's a lot that goes into it more than just saying, I backed up my machines. So, I'm good to go. Right? 

PART 2

Want to hear more? We'll have a part 2 coming soon! In part two, it is a deep dive into backups, tapes, advanced AaaS and more. Stay tuned for our next blogs, we have exciting content for all types enterprises.

Stay tuned!