Veeam and virtualDCS – The new defence against Ransomware
In case you haven’t already heard, Veeam has just announced a brand new feature that when paired with virtualDCS, will give organisations a new layer of protection in the war against Ransomware.
In 2017 anyone remotely connected to the IT landscape knows about the threat of ransomware, with two of the most prominent strains in recent times being WannaCry and CryptoLocker.
I’ve seen first-hand how this technology can disrupt businesses, without them even realising until it’s too late.
What’s also concerning is that the infection methods are not only expanding, but they’re also becoming harder to detect and prevent, with many of them actively seeking and deleting backup files and software in order to thwart file restorations.
To put the threat of Ransomware into perspective, 71% of businesses that have been targeted by Ransomware have been infected, with the average ransom demand now at $1,077. Despite choosing to pay, 1 in 5 businesses never receive their files back. This is why a strong Disaster Recovery plan is essential.
According to recent statistics, 9 out of 10 infections are being completed through insider attacks, as opposed to external sources such as Phishing emails. In fact, Phishing emails carrying Ransomware dropped by almost 50% during quarter one this year as hackers are learning to evolve.
What are insider attacks?
In a nutshell, an insider attack is where an employee or hacker accesses the environment and stealthily installs the Ransomware on the servers. Typically utilising both existing knowledge of the environment and network analysis tools to ensure the organisation is at its most vulnerable.
Due to this knowledge, insider attacks are much harder to prevent than external ones. Many hackers have previously admitted to knowing what backup solutions have been installed, searching for those specific files and deleting them to prevent an organisation restoring their information.
What’s the solution?
The new tool will be released as part of Veeam Backup and Replication 9.5, update 3 and as well as external protection, it will also offer a significant safeguard against insider attacks. When partnering with virtualDCS, we’ll have the option to enable a new function on your account, where all deleted backup files are first moved to a ‘recycle bin’ facility for a number of days before official deletion.
Not only does this protect companies from user error. (Admit it, you’ve accidentally deleted a file once or twice). But, it also tricks the third party into believing that all the data has been deleted, as no information shows up on the initial storage analysis.
Data protection with the 3-2-1 rule
In addition to the above, if you don’t have a Veeam Cloud Connect solution in place you can also ensure ransomware protection by following the 3-2-1 rule, where:
- You should have at least THREE copies of your data
- You should have copies on TWO different media outlets
- You should keep ONE backup copy offsite
At this point, I’d also like to suggest that you +1 and make it a 3-2-1-1 rule, where you;
- Store one copy of your data offline
Where does virtualDCS fit in?
In addition to our existing relationship, our team has access to your insider protection functionality. When it’s released, we can help you to successfully configure the portal and in the event of a Ransomware incident, we’ll be on hand to help you get back up and running.
Personally, I think that this new tool offering is a great feature to add to an already full arsenal of protection and is an excellent addition to Veeam Cloud Connect.