How to Protect Your Company from Ransomware

Ransomware attacks are now making it into mainstream media headlines – the meat producer JBS in Brazil was recently a victim of an US$11-millon cybercrime, the largest cyber ransom in history, and that the gasoline supply in the US was affected for weeks.

And there are many, many other cases affecting hospitals, governments, and companies. The 1H 2021 Unit 42 Ransomware Threat Report states that ransom demands increased to an average of US$570,000 in the first half of 2021, up a staggering 82% more than last year. This only represents ransom demands and doesn’t even cover the production losses and the enormous damage to reputation for the parties concerned. It is therefore vital for companies and other IT operators to stay one step ahead by choosing the right solutions.

Two Steps

In principle, there are two different approaches that can be taken. The first step involves training employees and the second continues with measures such as deploying endpoint, network, and application security. Given the number of network devices today — think about the IoT and those who are working from home — achieving 100% security seems impossible. Therefore, solutions are needed to minimize the damage in the event of a successful ransomware attack.

With this in mind, data protection is becoming increasingly important and must be adapted to these attack scenarios in terms of Recovery Time Objective (RTO) and Recovery Point Objective (RPO).

Huawei addresses these issues with the its new Data Protection Portfolio.

Ocean Deep with Data Protection

The portfolio is multi-layered and extends from primary storage to backup destinations and archives and encompasses business continuity, data recoverability, and regulatory compliance. Active/Active or Active/Passive solutions can be mapped, even across multiple data centers and the cloud, and include archiving to the cloud or to mass storage solutions like OceanStor Pacific.

The portfolio is extremely flexible and can be seamlessly integrated into existing environments. Even backup software does not have to be changed to achieve many benefits.

At the first level, the primary store, e.g., the OceanStor Dorado, we have implemented the HyperCDP (Continuous Data Protection) function. This can create snapshots of a LUN every 3 seconds and keep up to 60,000 snapshots. As you would expect, consistency groups are also taken into account. Therefore, the RPO is reduced to three seconds. This is an enormous increase compared to conventional backup windows of 24 hours.

Application-consistent backups and snapshots are created via OceanStor BCManager. This key tool scans the application servers for installed applications and installs the appropriate plug-ins. Consistent snapshots and backups can be created and transferred to the backup destination as needed. The HTML5 GUI also graphically depicts the application and backup structure.

One highlight is certainly the OceanProtect Backup Storage. It offers impressive parameters in two performance classes for an efficient and highly available backup destination. Highlights are compression of up to 55:1, 155 TB/h bandwidth and a maximum storage capacity of 9.2 PB. For this purpose, the OceanProtect X8000 and X9000 can be connected with FC, iSCSI, NFS and CIFS using up to 32 Gb FC and 100 GbE. Different primary storage and a variety of backup software can be used via the open interfaces. This makes them an ideal backup destination for large amounts of data, facilitating rapid backup cycles and allowing data to be restored as quickly as possible.

The OceanProtect Appliance is a complete solution. It combines the elements of backup software, backup server, and backup destination into one system, simplifying operations considerably. The backup copies are kept in the original format. This reduces the RTO to a few minutes when restoring. The data is available instantly, without copying, for software development or data analysis. This solution is especially suitable for separate application stacks and small- to medium-sized environments.

Policy-based archiving can be used as the third stage within the data protection architecture. The S3 interface allows, for example, the OceanStor Pacific, Blu-ray systems or the cloud to be used as archive storage. The solution allows legally compliant archiving processes and offers a connection to the overall architecture. This means that the archives are immediately accessible for data analysis, if required.

Data can be protected securely and quickly with this flexible, three-stage data protection solution. Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are minimized. Even in the event of a ransomware attack, the system environment can be restored efficiently and effectively.

If it is only a matter of replacing the backup systems, the OceanProtect X8000 and X9000 or the OceanProtect A8000 appliance are the best choices.

Read more about Huawei’s Data Protection Solutions.

Disclaimer: Any views and/or opinions expressed in this post by individual authors or contributors are their personal views and/or opinions and do not necessarily reflect the views and/or opinions of Huawei Technologies.