From the WannaCry attacks on the NHS and other organisations five years ago and the Colonial Pipeline breach last year to the more recent Nvidia incident, the ransomware timeline continues to lengthen. In fact, there are few issues across the complex cybersecurity landscape that consistently create so many headlines and cause so much widespread disruption.
In 2021, for instance, nearly 40% of global organisations said that they had been the victim of some form of ransomware attack, according to a study by IDC. Arguably even more alarming was the report from CISA in February this year which identified an “increase in sophisticated, high-impact ransomware incidents against critical infrastructure organisations globally,” with 14 of the 16 US critical infrastructure sectors targeted.
Since WannaCry, the annual number of ransomware attacks has increased by over 60%, from 184 million to more than 300 million instances recorded annually. Where experts used to suggest ransomware attacks were not a question of ‘if’ but ‘when’, today that perspective has notably shifted to ‘how often’.
Fortunately, although ransomware attacks have become more sophisticated since 2017, so have the cybersecurity industry’s countermeasures. While it may not always be possible to prevent every attack, businesses now have access to sophisticated recovery methods that can limit costly downtime and recover data in a matter of seconds or minutes, not hours or days.
Continuous data protection
For instance, by adopting techniques such as Continuous Data Protection (CDP), IT teams are armed with an always-on replication and journaling technology that allows rapid recovery of entire sites and applications at scale by effortlessly creating multiple copies both locally and remotely.
For any organisation familiar with the impact of system downtime and potential data loss, it’s bad enough to have to restore to a day-old backup, but when the risk of data loss extends even further back in time, there is the very real prospect of a potentially enormous increase in recovery expenses.
The inadequacies of many current approaches to crucial data protection come from a dependence on legacy solutions that date back decades and were developed to secure data by taking periodic snapshots. However, for many enterprises that operate in the ‘always on’ digital economy, a CDP process that recognises every single modification and update to their data in real time is now a minimum requirement.
In practical terms, CDP monitors and records data changes, guaranteeing that every version of user-created data is preserved locally or at a destination repository via incremental writes that are replicated continually and recorded to a journal file. Administrators can then restore data to any point in time with granularity in a recovery situation. It’s analogous to rewinding business activities to a point just before an interruption occurred, where anything from a single file to a virtual machine to a whole site may be restored with minimum data loss and downtime.
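The journal-and-rewind idea described above, as an added example that is not code from the author or from any CDP product: a toy append-only write journal is replayed to rebuild a volume as it was just before an incident, and the result is compared with what a periodic snapshot would give back. The class and function names, the block layout, the 200-second snapshot period and the sample writes are all constructed for illustration.

```python
from bisect import bisect_left
from dataclasses import dataclass, field


@dataclass(frozen=True)
class JournalEntry:
    ts: int       # second at which the write was recorded
    block: int    # block number on the protected volume
    data: bytes   # new contents of that block


@dataclass
class Journal:
    base: dict                                  # block -> bytes when protection began
    entries: list = field(default_factory=list)

    def record(self, ts, block, data):
        """Append one write; the journal is append-only and time-ordered."""
        if self.entries and ts < self.entries[-1].ts:
            raise ValueError("journal entries must arrive in time order")
        self.entries.append(JournalEntry(ts, block, data))

    def restore(self, ts):
        """Rebuild the volume as it was immediately before second `ts`."""
        cut = bisect_left([e.ts for e in self.entries], ts)
        volume = dict(self.base)
        for e in self.entries[:cut]:
            volume[e.block] = e.data
        return volume


def last_snapshot_time(incident_ts, period):
    """Most recent periodic-snapshot boundary at or before the incident."""
    return (incident_ts // period) * period


# Constructed sample data: two legitimate writes, then bulk encryption at t=300.
journal = Journal(base={0: b"ledger v1", 1: b"orders v1"})
journal.record(100, 0, b"ledger v2")
journal.record(250, 1, b"orders v2")
journal.record(300, 0, b"\x8f\x1c<encrypted>")
journal.record(301, 1, b"\x02\xe7<encrypted>")

INCIDENT_TS = 300
cdp_state = journal.restore(INCIDENT_TS)                            # rewind to just before
snap_state = journal.restore(last_snapshot_time(INCIDENT_TS, 200))  # snapshot every 200 s

if __name__ == "__main__":
    print("journal restore :", cdp_state)
    print("snapshot restore:", snap_state)
```

The journal restore keeps the write made at t=250, while the snapshot taken at t=200 returns the older contents of that block.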
CDP is also being used in a variety of other scenarios where enterprises are having trouble with traditional backup, such as operational recovery and long-term retention. Specifically, operational recovery focuses on day-to-day restores and recoveries of files, VMs, and/or individual volumes, but it doesn’t require a complete site recovery because it isn’t defending against a specific incident, such as a ransomware attack. Long-Term Retention (LTR) addresses the necessity for many firms to keep data for a long time, usually for compliance, internal or tax reasons. Because this information isn’t necessarily mission-essential, it can be saved on less expensive media where speedy recovery isn’t as important as it is in the case of operational recovery.
Furthermore, as more businesses embrace the flexibility of modern infrastructure, apps are increasingly being transferred from on-premises to multi-cloud. According to IDC, 70% of CIOs now have a cloud-based application deployment plan. However, in order to satisfy SLAs while guaranteeing that applications and data stay available regardless of the disruption, the data protection strategy must keep pace with this approach.
In recent years, data protection at the cutting edge has been significantly modernised, improving the outlook for businesses that have been under pressure from all sides to increase performance. In an era when compliance is more important than ever, and the consequences of a big data breach can be devastating to everything from reputation to business, treating backup as a continuous process can help organisations ensure they aren’t added to the ransomware attack timeline.
Christopher Rogers is Technology Evangelist at Zerto, a Hewlett Packard Enterprise company. Rogers has spent the majority of his career working in the technology industry. He currently holds the position of Technology Evangelist at Zerto, a Hewlett Packard Enterprise company, where he specialises in data protection, DRaaS, and disaster recovery.