The Case for Ransomware Resilience

This summer, we’ve repeatedly heard comments like the following:

“We are setting up new drives and locking them down to be immutable and isolated for essential data…”

“We’re going through all our back-ups manually to make sure we can recover…”

Sound familiar? It’s a clear signal that we’re entering a new chapter in the evolution of ransomware. We started with prevention for obvious reasons: stopping attacks before they’re successful is ideal. While prevention defenses are necessary, the massive and worsening impact of ransomware is testimony to the need for more. Cyber insurance is equally important as part of a defense strategy. However, it has a number of deficiencies, from not stopping the attackers from leaking the encrypted data to continuing to fund the gangs driving the problem itself. Not to mention skyrocketing cyber insurance premiums.

The next chapter in ransomware will feel oddly familiar. It’s going to be focused on resilience. Ransomware is not going away. We cannot stop every attack. We cannot pay insurance companies to make the problem disappear. We have to determine how to make it hurt less. How we can recover fast enough to avoid painful downtime and the excruciating decisions that follow. If this sounds hauntingly similar to our current situation with Covid-19 and climate change, new realities we need to adapt to, we would agree with you. 

Can you undertake a ransomware resilience strategy yourself using existing tools? Absolutely. It starts with a strong (and routinely updated) grasp of your critical systems and data, and ends with testing that you can recover them in the event of an attack with minimal downtime. To date, it’s required using at least five different consoles and products. If that sounds like a lot of work, it is. And it’s likely to require time from the most skilled people in an organization — the ones that are already double-booked on projects until this time next year.  

At Open Raven, we believe that ransomware resilience is the key to turning the tide against the attackers. In order for organizations everywhere to be confident they can recover, creating resilience and having the confidence to recover has to be much easier than it is today. It must require fewer products. Impose less on already overworked security and cloud professionals. It will need to harness automation in order to stay updated.

Today at AWS re:Inforce, the AWS team announced AWS Backup Audit Manager, a new feature created to help organizations continuously and automatically track backup activity, such as changes to a backup plan, and generate automatic daily reports. Open Raven's platform now includes backup, along with infrastructure and data-intelligence for a modern approach to cloud data security. Along with today’s announcement, we have even more news coming next week to showcase the incredibly exciting work we’ve been doing with the AWS Backup team in order to greatly simplify and streamline ransomware resilience for cloud environments. Just check back here for details on September 2nd, join us at the third AWS Storage Day, or if you can’t wait until then, we’d love to give you a sneak peek. Just drop us a line.