If you have read some of my blogs before, you probably remember me talking about ransomware. If you haven’t, check out Data Protection Security PT. 3 – Cyber Attacks, I talked about the different types of cyber-attacks and talked briefly about ransomware. However, considering the number of ransomware attacks that have been occurring throughout the United States and across the globe, I believe ransomware deserves to be talked about more. The threat level of a ransomware attack happening to you or your organization is at an all-time high and I don’t believe this threat will go away anytime soon.
Did you know the first documented and claimed example of ransomware was in 1989? The ransomware attack was called AIDS Trojan, also known as PS Cyborg. A Harvard-trained biologist named Joseph L. Popp sent 20,000 infected diskettes that were labeled “AIDS Information – Introductory Diskettes”. He sent the diskettes to attendees of the World Health Organization’s international AIDS conference. When people used the diskettes, it caused their computers to reboot 90 times, hid directories, and encrypted the names of the files on the computer. To regain access to their files, users would have to send $189 to PC Cyborg Corp. at a post office box in Panama. Dr. Popp was eventually caught for his schemes; however, he was declared unfit to stand trial.
Let’s fast forward to the internet age of the cyber world, cybercriminals started looking at what Dr. Popp did for his attack but made some changes to the his original virus. In 2006, criminal organizations began using more effective asymmetric RSA encryption such as Archives Trojan and GPcode. These are only two ransomware attacks out of thousands of named ransomware attacks that have been created and used over the years.
Ransomware attacks are on the rise and more businesses and organizations are being targeted every day. Toyota (Japan), McDonald's, San Francisco 49ers, and Howard University are a few organizations that have been affected by a ransomware attack in 2022 alone. This shows that nobody is safe or secured from falling victim to a ransomware attack. According to the Cybersecurity & Infrastructure Security Agency (CISA) “In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally.” It has been reported that 14 of the 16 U.S. critical infrastructures, including the Defense Industrial Base, Emergency Services, Food and Agriculture, Government Facilities, and Information Technology Sectors have been targeted by a ransomware attack. The current data that is being reviewed shows that ransomware tactics and techniques continue to evolve due to the growing technological sophistication and an increased ransomware threat to organizations globally. The increase in sophistication and tactics being used by threat actors is a great cause to be alarmed.
What Solution(s) Are Available?
Now that we talked a little about ransomware and its current state today, let us talk about some solutions that may help. Unfortunately, there is not a solution available that will prevent an attack; however, there are solutions that can reduce the risk or lessen the impact that it may have on your organization. Let’s take a quick look at some solutions that Dell Technologies offers to assist in combating ransomware attacks. Today, I won’t spend too much time talking about each solution in great depth. Nevertheless, if you want to learn more, I will provide links for you to read more about the solutions.
PowerProtect Cyber Recovery
PowerProtect Cyber Recovery protects and isolates critical data from ransomware and other sophisticated threats. Machine learning identifies suspicious activity and allows you to recover known good data and resume normal business operations with confidence. With PowerProtect Cyber Recovery, you will have five components of a proven and modern cyber recovery solution: data isolation and governance, automated data copy and air gap, intelligent analytics and tools, recovery and remediation, solution planning, and design. This solution also works with PowerProtect Multi-Cloud, AWS, and other leading service providers. I recently wrote a blog about this solution, check it out if you want to read more, PowerProtect Cyber Recovery.
PowerProtect Data Manager
Powerprotect Data Manager or PPDM will provide software-defined data protection, automated discovery, deduplication, self-service, operational agility, and IT governance for virtual, physical, and cloud environments. This solution can be viewed as a one-stop-shop for any IT administrator. PPDM will give IT admins multiple views to help protect both on-premises and in-cloud workloads, file systems, applications, and VMs. PPDM allows for protection for traditional workloads, files systems, SQL, Oracle, Kubernetes, and more. The latest version of PPDM also includes Transparent Snapshots. If you are interested in learning more about PPDM and Transparent Snapshots, check out What is Transparent Snapshot?
Since the threat of ransomware attacks and the repercussions that follow an attack are high, it is best to have a solution in place to help. I only mentioned two solutions that Dell Technologies has to offer in terms of data protection solutions. If you want to learn more about the solutions mentioned or other available solutions, I left some links down below. If you have any further questions or comments, please leave me a comment, I will respond to you as soon as I can.
"Heinbach" https://www.datto.com/blog/common-types-of-ransomware, C. (2020, November 6). Common Types of Ransomware Strains & How to Protect Systems. Strains & How to protect systems. Retrieved March 7, 2022, from https://www.datto.com/blog/common-types-of-ransomware
Laffan, K. (n.d.). A Brief History of Ransomware. Varonis. Retrieved March 7, 2022, from https://www.varonis.com/blog/a-brief-history-of-ransomware
Osborne, C. (2021, December 22). Ransomware in 2022: We're all screwed. ZDNet. Retrieved March 7, 2022, from https://www.zdnet.com/article/ransomware-in-2022-were-all-screwed/