Immutable Object Storage can help fight ransomware in the financial sector and protect data, writes James Loveday, pictured, Sales Specialist, Loadbalancer.org.
With increasingly sophisticated ransomware attacks keeping IT teams up at night, financial institutions are falling over themselves to protect their customers’ data, in the event of such an attack. And for good reason.
Ransomware attacks are predicted to occur every 11 seconds in 2021 at a cost of $20 billion. In March 2021, Flagstar Bank in the US was subject to a ransomware attack that resulted in stolen social numbers. In the same month, attacks on Microsoft Exchange servers affected between 30,000 and 60,000 organizations worldwide, including banks and the European Banking Authority. In May 2021, CNA Financial was subject to a ransomware attack which caused services to be shut down for a few days, and CNA Financial had to pay a ransom of 40 million USD to retrieve their data. In July 2021, US banks were part of a global ransomware attack that resulted in organizations around the world being extorted for a record ransom of $70 million.
How backups can help
There are two very good reasons to use immutable backups to secure your data. Firstly, immutable data is the ‘big daddy’ of backups and is crucial in the fight against ransomware. Data stored securely on an immutable backup system makes it fixed and unchangeable, meaning that it cannot be deleted or modified. This is especially important when it comes to ransomware as data on an immutable backup is impervious to infections. By keeping an archive of immutable Object Storage backups, the financial sector is guaranteed to be able to recover data by finding the last clean back-up on record. This also means that data is recoverable at any time, with the level of data protection preventing intentional deletion in the unfortunate event of a ransomware attack.
Secondly, another key justification for using immutable Object Storage backups is because businesses, more often than not, will struggle to get cybersecurity insurance without it. Insurance companies rightly require financial institutions to demonstrate that they have done everything in their power to protect against a ransomware attack before paying out, should such an eventuality arise.
With exponential data growth and cybercrime on the rise, the financial sector is being forced to relook at their storage systems and invest in solutions that are sustainable and long-term. As a result, the sector is making a move from traditional storage options to on-premise and cloud-based Object Storage which are a reliable, efficient and affordable way of storing, archiving, backing up, and managing huge volumes of static or unstructured data.
Designed to be massively scalable, Object Storage is a storage paradigm with a very simple interface. It organises information into containers of flexible sizes, referred to as Objects. Each object includes the data itself and its associated metadata, and has a globally unique identifier name. The biggest benefit of such an architecture and interface is its ability to scale dynamically. Besides storing huge volumes of data, Object Storage also allows access to large amounts of disparate data sources for analytics and advanced reporting, which traditional storage fails to offer. No matter where a particular data type is stored, Object Storage is intelligent enough to find that data whenever a related query is fed in. It also ensures improved efficiency while managing very large quantities of data, thus making it a high-performance, cost-effective solution, ideal for long-term data retention.
When it comes to security, Object Storage offers specialised and agile features due to its robust support for APIs which allows users to build and deploy their own APIs. This means that Object Storage platforms can be customised to offer nearly any type of unique feature. This includes tailor-made security capabilities. Object Storage allows organisations to select a range of key management systems and encryption options. The financial sector can also apply unique access policies at any level, including at the object, bucket and user/group levels.
Data security is a paramount concern for the insurance sector with ransomware, in particular, posing an incredibly grave data security threat. This, combined with the worldwide COVID-19 pandemic and the corresponding rise in remote work has meant that ransomware attacks have only become more sophisticated.
While networks and firewalls form an important part of any financial institution’s cybersecurity strategy, the ultimate goal of the attacker is to obtain sensitive personal data, held by the company. This keep-’em-out strategy’ is fool-proof until they manage to go one better and overcome your defences. However, with the right data storage protection, this need not be a headache for IT teams and C-suite respectively.
Due to the Object Storage architecture’s broad support for APIs, it is ideal for guarding against ransomware. It allows insurers to store backup data copies that cannot be changed for a set time period, making it impossible for hackers or malware to rewrite, encrypt or delete these backup copies. With immutable data, organisations can be reassured that they always have a safe backup copy they can recover.
The role of load balancing
Load balancing increases durability across multiple data centres (availability zones), protecting the integrity of data stored using cross-site replication.
It guarantees business continuity in a crisis by ensuring that the desired Recovery Time and Recovery Point Objectives are met. For industries where the acceptable amount of downtime following a disruption such as a ransomware attack is zero, the load balancer failover happens seamlessly to avoid any disruption to the end-user.
When a failure event occurs, no backup data is being ingested into the local storage. The load balancer detects the failure and redirects traffic to the additional data centres meaning both storage and retrieval of data can continue, offering maximum redundancy.
The recovery point objectives can be as low as seconds, minimizing the amount of data loss. In this scenario, the load balancer facilitates immediate retrieval of immutable data backups, held in alternative locations, to offer maximum redundancy.
The net effect should be that failover and failback are therefore seamless. Hence load balancing mitigates the risks associated with the potential loss of data resulting from a ransomware attack.