Ransomware Attacks Create Pressing Need for Secure Backup as a Service
A variety of vendors are beefing up their platforms, and education efforts, to meet the challenge.
Ransomware attacks, like the one in late October targeting the U.S. health care system, continue to rise. Cybersecurity Ventures predicted a year ago that ransomware damages will reach $20 billion by next year. That’s more than 57 times the rate of attacks in 2015. And the shots are coming even from malicious hackers who aren’t all that tech savvy, thanks to malware as a service. The increase in threats against managed security service providers’ customers calls for greater protections. Backup as a service stands out as a prime candidate now more than ever.
When it comes to backing up files, MSSPs already know about non-rewritable, non-erasable options. Typical and legacy setups, however, require physical media of some kind — optical, tape or servers. This consumes space, time and still exposes the end user to risk. But with the cloud era in full swing, backup as a service, with an emphasis on security, has grown more capable – and imperative – than ever.
IDC’s Archana Venkatraman
“There is a real pressure to leverage the cloud to reduce capital spend, improve resilience, recovery and data security as the risk of ransomware and cyberattack is sharply increasing,” said Archana Venkatraman, associate research director of cloud data management at IDC Europe. “IDC research shows that 93% of organizations have been the targets of malware attacks in 2019, with a majority suffering successful attacks or multiple attacks. With the right cloud data protection strategy, companies can significantly reduce the time to value, which is critical to quickly become ransomware resilient in the wake of rising attacks.”
Yet, not only are businesses worldwide facing onslaughts of malware, ransomware criminals have figured out how to encrypt the data for which they want to be paid. According to a May 2020 report from Sophos, more than half (51%) of organizations were hit by ransomware throughout the previous year. Hackers had encrypted the data in 73% of those attacks.
Who’s Doing What?
Vendors are responding with secure backup as a service that subverts such attempts. And, to be clear, many, including NetApp, Druva, Commvault, IBM and others, have offered such capabilities for years. But many keep evolving their technology, making it more airtight, as cyberattackers get bolder and sneakier. They also are taking more active roles in educating partners.
On the product side, Commvault, for example, just released its Metallic platform throughout the EMEA region, and sold through the channel. (Commvault already had made the solution available in the United States, Canada, Australia and New Zealand.) Commvault built Metallic on Microsoft, so it integrates with users’ Azure capabilities.
Meantime, Green Cloud Technologies, which only sells through partners, just jumped into backup as a service. Its focus, though, lies not just on backup — it aims at data security.
Green Cloud’s Charles Houser
“Traditional malware defenses often prove ineffective as ransomware works by encrypting the users’ data, rendering the source data and backup data useless,” Charles Houser, co-founder and executive vice president of sales and marketing of Green Cloud Technologies, told Channel Futures. “We need to act now to protect our partners as threats are increasing.”
To achieve this, Green Cloud teamed with Veeam and Cloudian, and made sure the resulting product used object lock.
While again, this approach is not new, it does protect against serious current threats. These are the threats MSSPs and their customers face every day.
Green Cloud’s Keith Coker
“Our channel partners will now be able to offer a secure backup storage solution that address their clients’ urgent need to protect data from ransomware attacks, which have increased in frequency by 97% in just the last two years,” said Keith Coker, CEO and co-founder of Green Cloud. “Cloudian object storage integrates … with Veeam Availability Suite, which allows our partners to provide immutable offsite storage for a clean restore in case a cyberattack occurs.”
The combination of Veeam, Cloudian and object lock “prohibits the deletion of data by making that data temporarily immutable,” added Houser. “It is done for increased security; immutability protects your data from loss as a result of ransomware attacks, malware activity or any other injurious actions.”
MSSPs using Green Cloud and Veeam can easily take advantage of the offering, Houser said. They “would simply point their backups to Green Cloud, making backups so easy and … next-level secure.”
Finally, HYCU represents another multivendor-focused channel provider making backups easier for partners. Last month, the company launched beefier protections against ransomware in its HYCU Backup for Google Cloud platform. The enhancements consist of support for backup targets using Cloud Storage Bucket Lock and air-gapped backup targets.
On the education side, Druva, for its part, on Tuesday will present its first-ever virtual event homing in on cloud data protection. Meanwhile, NetApp ran a series over the summer on ways to fight ransomware.
No Time to Wait
Overall, given the unrelenting avalanche of cybercrime, it only makes sense that MSSPs reexamine their backup strategies for clients now.
Consider what McAfee’s chief scientist, Raj Samani, had to say at September’s Channel Partners Conference & Expo Virtual:
“You’ve got some very capable threat actors that are actively innovating,” he said. “They are actively developing new ways to be able to demand more money. There are other criminal groups out there that are just simply copying. Not only are they copying it, they’re replicating it with such success that they’re making millions and millions of dollars.”
The attacks will just keep getting worse, Samani said. MSSPs must do their part to stay ahead of the problems.
“It’s absolutely imperative that we learn and understand the way this particular market is adapting and evolving,” Samani said.
For additional insight into ways to fight back against ransomware, check out this new podcast from CompTIA and this recent Channel Futures webinar.
About the Author
You May Also Like