VMware Cloud Disaster Recovery

Ransomware Requires DRaaStic Measures—Part I

Ransomware Requires DRaaS

Ransom “who,” “what,” where? I bet some of you might be thinking that, and if you are, you’re one of the lucky ones.  If you don’t know anything about ransomware, it’s because you either haven’t been hit or were hit but don’t know it yet. Let’s be optimistic and assume you’re really lucky.

Ransomware, in a nutshell, is a data loss threat that can block access to your data by encrypting or deleting it. Your data is held ransom (hence the term ‘ransomware’) until a sum of money, usually in the form of Bitcoin, is paid. It’s basically cryptoviral extortion. But it doesn’t end there because the nature of ransomware is evolving and research points to increased extortion from cybercriminals who, many times, resort to threats of releasing sensitive data to the public (Apple and Quanta refused to pay $50M in ransom when a ransomware group stole schematics of unreleased products and threatened to make them public).

You may be asking yourself—if this is impacting huge companies worldwide, how will my organization adapt to this ever-evolving threat that could expose my critical data? Where do I start? The answer to that question requires a blog series (at least). Let’s start with a quick history lesson. Ransomware has been around a long time (the first documented attack took place in 1989). Gartner now projects that by 2025 at least 75% of IT organizations will face one or more attacks.  Researchers documented a dramatic increase in ransomware attacks during 2020, pointing to sevenfold or higher rates of growth[1]. This is a BIG problem that continues to grow, and yet most of us aren’t even aware of how ransomware could affect us—think traffic light outages, 911 calls not coming through, even cheese shortages (if you don’t believe me, check out the what happened in the Netherlands—not a Gouda situation).

As much as we’d like it to be simple, it’s not something you quickly fix and forget about. It requires you to have a plan, practice it, and understand the implications it has on your business if you mess it up. That’s why cyberattacks are projected to cost the world $20T this year. Yes, that’s Trillion with a T.

The good thing is, people are beginning to realize that something can be done to better adapt to what could happen if ransomware hits. Technology is evolving and empowering organizations to not just respond, but to adapt—that is the true key to resilience. To achieve this, focus on three key pillars: Protect, Detect and Recover.

While protecting your data against ransomware requires many things, focus on what you can control—such as how often you train your employees on best practices and the tools you choose to protect your data. Setting up firewalls where needed and securing your systems is the first line of defense, and of critical importance.

But as evolved as security tools are, the goal of cybercriminals is to circumvent them and gain access to your data—evolving threats require additional planning to mitigate.

Detection tools are key to identifying and controlling the impact of threats (late detection is amongst the top reasons behind severe data breaches). Tools empowered with AI/ML provide the most robust capabilities to identify subtle anomalies and favor early detection (and hence isolation) of infected systems. The longer a system has been infected, the higher the chances that intruders have penetrated critical applications, which makes the third step, recovery, far more complex.

Last, but certainly not least, is recovery. Think about recovery as the last line of defense for your organization’s data. Yes, the threat of confidential information being released exists, but what good is your data if you can’t have it readily available to keep your business running? And how do you leverage the right technology tools to achieve this while staying competitive and optimizing limited IT resources?

Disaster Recovery as a Service (DRaaS) is an example of a technology that drives data availability in the case of a ransomware attack while meeting key requirements that other traditional solutions fail to address. DRaaS plays a critical role in resiliency management, as it is the last line of defense in the event of a ransomware or security breach. When adapting to a transient threat such as ransomware, it’s always a good idea to have a worst-case-scenario plan—and customer behavior points towards this as an ongoing trend: IDC predicts that DRaaS (Disaster Recovery-as-a-Service) will grow to an $8.4B service by 2024.[2]

There’s a reason for that— brings several interesting qualities to the table:

  • On-demand IaaS: Without the need to pay for a secondary DR site until you actually need it, on-demand IaaS drives cost optimization for workloads that don’t require a near-zero RTO. This gives you a reliable, clean environment to failover to without setting your business back with a permanent CapEx-intensive (on-premises) DR setup.
  • Replication and Immutable Storage: Duplication of backup snapshots stored in the cloud allows you to have multiple copies of your data in case your production environment is compromised. These snapshots are immutable, which means they can’t be altered by malware.
  • Recovery SLAs: You know how long it will take you to recover access to your data, and how much data you may have lost (Recovery Time Objective and Recovery Point Objective, respectively).
  • Automated Failover and Failback: Your DR tool is able to perform recovery tasks automatically while orchestrating your preset plans. Once your production environment is clean, you can also automate failback to return to normal operations. The key is being able to do this at scale, for your entire environment, if need be, to get your business back up and running.

Ransomware requires DRaaS. This makes DRaaS our favorite candidate for companies looking to confidently adopt cloud while keeping data available if disaster strikes.

DRaaS Ransomware

Disaster Recovery Should not be a Short-term Strategy

The choices you make regarding the integrity and availability of your data should not be short-term—unless you want your business to be. Investing in the right technology at the right time can pay off not too far down the road (hello, cloud), which is why smart choices today may give you some free time and peace of mind tomorrow.

We are committed to helping you get that quality time with the fam, empowered by our newest DRaaS offering, VMware Cloud Disaster Recovery. This solution brings the following added benefits for ransomware protection:

  • Immutable snapshots stored in an intrinsically secure Scale Out Cloud File System (SCFS) can’t be altered by malware and are separated from the primary production site (on-premises or in the cloud).
  • A simple SaaS experience within a consistent VMware environment minimizes re-training of IT teams and the risk of human error.
  • Simple, non-disruptive testing empowers organizations to rehearse DR plans frequently, driving DR readiness.
  • Continuous end-to-end DR health checks every 30 minutes, drive confidence in recovery.
  • Instant Power-On of VMs using an on-demand or pre-provisioned SDDC in the cloud dramatically reduce time to recovery. This can be performed with zero-copy and no data rehydration.

With VMware Cloud DR, you can focus on enjoying your PTO without data availability fire drills while we manage your DR operations and keep your data reliably protected.

Interested in learning more? Tap into these additional resources on VMware Cloud DR and how it can help you drive your data integrity and resiliency plans.

Discover the Benefits of DRaaS White Paper

VMware Cloud on AWS—On-Demand Webcast: Driving Resiliency in the Cloud and Beyond with VMware Cloud DR

Drive your Business with the Right Level of Protection

[1] Gartner, “Detect, Protect, Recover: How Modern Backup Applications Can Protect You From Ransomware”, Published 6 January 2021, IDG00733304

[2] IDC, “Worldwide Data Protection as a Service Forecast, 2020-2024”, November 2020