Isolate backups and data from attacks.

Ransomware gained greater visibility in 2021 as high-profile breaches proved that no organization is immune to attack. According to one recent survey, 51% of companies said they had a ransomware incident in the last year.¹ As the number of attacks increases, so does the ransom being demanded and the cost to remediate attacks. In 2020, the highest ransomware demand grew to $30 million, and the average cost globally to remediate a ransomware attack increased to $1 million.² And, it’s only going to get worse, with enterprises experiencing a ransomware attack every two seconds by 2031, according to a recent Cybersecurity Ventures survey.

Statistic

The average cost globally to remediate a ransomware attack increased to $1 million.Source: Clarke N, The Changing Shape of Ransomware, KPMG International, 2021.

Statistic

Enterprises will experience a ransomware attack every two seconds by 2031.Source: Morgan S, Top 6 Cybersecurity Predictions And Statistics For 2020 To 2025, Cybercrime Magazine, 
Dec. 2021.

---

Ransomware Attackers Want Your Backups

Let’s take a look at how ransomware typically wreaks havoc on an organization by entering the production environment. Most often, it begins with an unsuspecting user who clicks or downloads an infected file or visits a website. From then on, malware takes over, making its way to application infrastructure until the production infrastructure is compromised. 

In the past, legacy backup infrastructure was relied upon to recover affected assets; today ransomware attackers are more sophisticated, and they target backups because they understand that it’s where they can cause the greatest disruption and get the biggest payday. Backups are valuable, and when it comes to ransomware, attackers are seeking the assets that are most likely to reap the greatest monetary reward. In short: Backups, once insurance against data loss, have become targets. Malicious malware like Locky and Crypto delete the backup copies before encrypting the application infrastructure and then encrypting the data.

Isolating backups and data from the network via air gapping can help protect backups from ransomware attacks and secure valuable data. When it comes to data management, an air-gapped solution maintains a copy of the data in a location that cannot be accessed without being physically present, preventing malicious actors from attacking the data over the network.

Isolating backups and data from the network via air gapping can help protect backups from ransomware attacks and secure mission-critical data.

---

Why Air Gap?

The only way to ensure your organization’s data is safe from threats is to have an immutable copy of your data, on-site, that is kept offline and inaccessible as much as possible. As part of your backup and recovery strategy, an air-gapped backup solution that isolates data does just that. Because there is no internet or network connection, malicious attackers have no way to access your backup environment and your mission-critical data. 

Now, let’s look at a ransomware attack with an air-gapped, data-isolation backup solution in place. This time, when ransomware attempts to infiltrate and compromise your backup, it’s stopped in its tracks. And, with an air-gapped, data-isolation solution based on Cohesity next-generation data management, you also gain the advantages of immutable snapshots, DataLock to provide a time-bound WORM lock on the backup snapshot that can’t be modified, encryption, role-based access control (RBAC), and no back door. At the same time, you also gain the ability to detect anomalies based upon changes in data patterns, which provides you with the intelligence to ensure that ransomware attacks are quickly identified and can be mitigated.

This comprehensive approach to data isolation also supports your service-level agreements (SLAs) with the ability to quickly respond to and recover from an attack.

This comprehensive approach to data isolation also supports your service-level agreements (SLAs) with the ability to quickly respond to and recover from an attack.

---

CyberNorth Secure On-Site Data Vault

CyberNorth Secure On-Site Data Vault, based upon the Cohesity Air-Gap Data Protection Reference Architecture, is a turnkey, appliance-like solution that isolates backups from the threat of ransomware attack. Following CIS Benchmarks™ in the implementation of the Secure On-Site Data Vault, CyberNorth protects valuable backups and gives you the confidence that your data will be there when you need it.

Let’s talk about how we can help you protect your data from escalating ransomware attacks with CyberNorth Secure On-Site Data Value.

---

¹ Clarke N, The Changing Shape of Ransomware, KPMG International, 2021.
² Coalition Inc., H1 2020 Cyber Insurance Claims Report, 2020.