New approaches to tackling ransomware recovery



Ransomware remains one of the most serious threats that a business can face, with today’s attacks notable for their increased frequency, hostility and sophistication. Attackers often aim to do more than just lock up an organization’s data until a ransom is paid. In an act that amounts to strategic business disruption, they will threaten to sell the encrypted data or publish it online, hammering victims in multiple ways until they have achieved their objectives. The impact of incidents is getting more devastating too, with the cost of the most serious ones potentially running to many millions. Then there’s the additional reputational damage that is impossible to quantify.

Rising attack levels are explained in part by the availability of ransomware-as-a-service (RaaS), which now provides prepackaged tools to an ever-widening base of perpetrators. No surprise to learn that a fresh ransomware attack is launched somewhere in the world every few seconds. In such a risky environment, most security teams have shifted their priority from preventing attacks to preparing for recovery from the inevitable.

Attack methods are changing in a bid to make recovery harder. The bad guys are wise to the idea that organizations can potentially ride out a ransomware strike as long as they have a backed-up copy of their main production data tucked out of harm’s way. Attackers are now targeting backup data as their primary objective, knowing that a compromised safety net means a ransom is more likely to be forthcoming.

Defenders are having to rethink their tactics in response to this evolved landscape, no longer able to lean confidently on established measures. CISOs know that yesterday’s failsafe protection can turn into today’s obsolete liability in short order. An example is the zero trust methodology. When it emerged a few years ago, it seemed like a panacea for a range of threats with its simple mantra of ‘never trust, always verify’. This model is based on perimeterless access control for users and devices, but it doesn’t do much to protect backups; it’s all about securing networks rather than stored data. Plus it relies on allowing authenticated access for privileged users, which is exactly who the sharp-elbowed ransomware attacker is skilled at mimicking.

Assume the worst

So what does the CISO do when it is no longer a matter of ‘if’ a breach occurs but ‘when’, and encrypted backup data could put their organization’s existence on the line? How to proceed when even zero trust itself can no longer be trusted?

The first step is to move on from zero trust as we have known it in favor of what Object First calls Zero Trust Data Resilience (ZTDR). This incorporates new elements well suited to keeping backed-up data safe from attack and allowing a quick recovery. The original three zero trust principles were:

  • Continuous verification: Always authenticate and authorize based on all available data points including identity, location and device health.

  • Least privilege access: Limit user access according to risk-based adaptive policies, in other words granting network access only once the required checks have been passed.

  • Assumption of breach: You could be getting hacked right now, so minimize impact by segmenting the network, verifying encryption and using analytics to gain visibility of the threat.

ZTDR changes the game by adding three more principles to the mix:

  • Segmentation of backup: Separate backup software and backup storage to enforce least privilege access more rigorously and minimize the attack surface.

  • Multiple data resilience zones: Create security domains that comply with the 3-2-1-1-0 backup rule (see below), ensuring multi-layered security.

  • Immutable backup storage: Protects backup data from modifications and deletions.

The appliance of science

With its immutable backup storage appliance, Object First has taken on board these principles and made them into a practical and easily deployable reality for on-prem storage. Designed specifically for Veeam environments and featuring S3-native immutability that is the enemy of ransomware, it implements the principles of ZTDR through the mechanism of Zero Access. This is a storage architecture which protects backups from being deleted or modified. It is effective because nobody, good or bad, has operating system-level access to the backup repository.

“With Zero Access, it doesn’t matter who you are, or what credentials you have, you cannot delete the backups,” says Andy French, director of product marketing with Object First. “It protects against external attackers and compromised administrators alike.”

He points out that a core plank of Zero Access, and therefore of the Object First appliance, is that it doesn’t feature just any old immutability but Absolute Immutability. Plain immutability can seem solid and uncompromising but leave you with hidden exceptions and loopholes, offering a small opening that attackers can exploit. Absolute Immutability means that even the most privileged admin, or attacker posing as admin, cannot take advantage of their privilege to modify or delete data. When a backup storage system is ‘secure-by-design’ by virtue of Zero Access, nobody can perform destructive actions, even if production environments are compromised.

A crucial facet of Absolute Immutability is third-party verification. Without independent scrutiny, a vendor could easily be masking what amounts to partial immutability with marketing talk. In the case of Object First’s appliance, the latest round of independent penetration testing by NCC Group confirms that even a full-scale compromise of administrator credentials cannot override its Absolute Immutability. As part of this latest testing, NCC gave approval to Honeypot, a decoy system built into the appliance that will alert you to an intruder investigating what it thinks is your backup.

The Object First appliance benefits from a key ZTDR attribute, the assurance that backup software and storage systems are strictly segmented. By creating a clear break between management plane and data plane, it minimizes the potential attack surface. If one layer is compromised, the other remains rock solid.

It furthermore protects by building on the classic 3-2-1 rule (keep three copies on two media with one off-site) and upgrading it for modern threats. Veeam’s new 3-2-1-1-0 Backup Rule adds one immutable copy and zero recovery errors, delivering stronger ransomware resilience.
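The 3-2-1-1-0 rule, together with the distinction drawn above between immutability that hides exceptions and immutability that does not, as a checker added here (example code, not Object First's or Veeam's): the copy records are a constructed inventory format, and the S3 Object Lock modes COMPLIANCE and GOVERNANCE are used as the test of whether an "immutable" copy can still be altered by a privileged principal.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class BackupCopy:
    name: str
    medium: str               # e.g. "disk", "tape", "object-storage"
    offsite: bool
    lock_mode: Optional[str]  # S3 Object Lock mode, or None if not locked
    verify_errors: int        # errors from the last recovery-verification run

def immutable_without_loophole(copy):
    # Only COMPLIANCE mode counts: GOVERNANCE retention can be shortened or removed
    # by a principal holding s3:BypassGovernanceRetention, the kind of hidden
    # exception a compromised admin could use. COMPLIANCE retention cannot be.
    return copy.lock_mode == "COMPLIANCE"

def check_3_2_1_1_0(copies):
    """Return (passes, findings); each finding names the rule digit it violates."""
    findings = []
    if len(copies) < 3:
        findings.append(f"3: only {len(copies)} copies, need at least 3")
    media = {c.medium for c in copies}
    if len(media) < 2:
        findings.append(f"2: all copies on one medium ({', '.join(sorted(media)) or 'none'})")
    if not any(c.offsite for c in copies):
        findings.append("1: no off-site copy")
    if not any(immutable_without_loophole(c) for c in copies):
        gov = [c.name for c in copies if c.lock_mode == "GOVERNANCE"]
        note = f" ({', '.join(gov)} only GOVERNANCE-locked, bypassable)" if gov else ""
        findings.append("1: no immutable copy" + note)
    failed = [c.name for c in copies if c.verify_errors]
    if failed:
        findings.append(f"0: recovery verification errors on {', '.join(failed)}")
    return (not findings, findings)

# Constructed inventories (not real systems): 'weak' relies on a GOVERNANCE lock
# and has an unverified tape set; 'strong' fixes both.
WEAK = [BackupCopy("prod-repo", "disk", False, None, 0),
        BackupCopy("offsite-s3", "object-storage", True, "GOVERNANCE", 0),
        BackupCopy("tape-set-1", "tape", True, None, 2)]
STRONG = [BackupCopy("prod-repo", "disk", False, None, 0),
          BackupCopy("offsite-s3", "object-storage", True, "COMPLIANCE", 0),
          BackupCopy("tape-set-1", "tape", True, None, 0)]

if __name__ == "__main__":
    for label, inv in (("weak", WEAK), ("strong", STRONG)):
        ok, findings = check_3_2_1_1_0(inv)
        print(label, "PASS" if ok else "FAIL", *findings, sep="\n  ")
```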

When recovery is the priority

With ransomware a virtual inevitability, the priority of any security strategy has to be one of effective recovery. The Object First appliance wins here too.

“A backup only matters if you can count on it to restore when it’s needed,” observes French. He points to the appliance’s ability to fully utilize Veeam’s SureBackup technology as a key ingredient in its secret recovery sauce, automating recovery verification to confirm that backups are complete, bootable, and ready to restore.

“Backing up your data is not enough on its own,” he adds. “You must ensure that each backup is recoverable, complete and uncorrupted. Recovery testing is critical here because it ensures that you really are protected against disasters and ransomware attacks.”

SureBackup, he explains, is the foundation of this testing. It can spin up a copy of backed-up data as a virtual machine without touching the original. This can then be checked for malware to be sure that it is something you can restore from.

“It’s all about good data hygiene,” he says. “And it helps with compliance with regulations like NIS2 and DORA, which are all about rigorously protecting essential services and infrastructure. The idea of testing backups so you know you can recover is an important one. But it’s got to be really fast, and not interfere with normal backup operations. Otherwise the exercise becomes impractical and will get bumped.”

Successful recovery is also about having a recent restore point to restart from. If your last clean backup was two weeks ago, that could mean junking two weeks of data just to get a clean restore point, a potential disaster for an organization that lives or dies by the information it stores.

SureBackup lets you trawl through previous backups to find where ransomware has been introduced. Being spun up as a VM and nowhere near your production environment also means you can work on infected data in a safe way, cleaning it and then restoring from it. This all feeds into making the Object First appliance a high-performance backup tool that reduces your recovery time without opening the door to new vulnerabilities.

Backup shouldn’t be complex

Object First believes recovery shouldn’t be a matter of rocket science: “When we’ve surveyed IT professionals, they say they feel fed up and under pressure,” claims French. “They complain that the recovery tools they have at their disposal are too complex and require specialized security expertise. Our appliance’s ‘box to backup in 15 minutes’ story is not just about ease of use, it’s about avoiding dependency on one or two key people, who could walk out at any time with their precious expertise. You don’t need expertise to set this appliance up.”

He points out that the appliance is suited to small and large enterprises alike, with its ability to scale from 8 TB up to 7 PB and an option for a simple cost model based on how much storage is consumed. Protecting your backup, and by definition the whole organization, has never been this free of complexity or this reliable.

Sponsored by Object First.
