15 Feb 2022
It’s no secret that ransomware attacks are on the rise. After finding an entry point to an organization’s network, cybercriminals are leveraging vulnerable and operational data to turn a profit at an alarming rate.
In the first half of 2021 alone, the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) reported $590 million in ransomware-related activity. This is astonishing on its own, but it’s even more shocking to note that FinCEN only tracked $416 million in ransomware-related costs for all of 2020.
Whether it’s the rise of the remote work culture or the increased speed of digital transformation that’s responsible, the truth is, the risk of ransomware attacks is higher than ever before.
To help combat this, Retrospect, a StorCentric Company has released Retrospect Backup 18.5, complete with anomaly detection. This new feature is intended to find ransomware threats looming in stored backups before they ever become an issue.
Perhaps one of the biggest threats to organizations in 2022 pertains to cybersecurity. Hacking, data breaches, and ransomware attacks are on the rise, and it’s no longer just the large corporations who are at risk. While those in the industry may know about the larger attacks and ransomware payouts—like the insurance company that handed over a $40 million ransom in 2021 to regain its systems—these are not the only organizations that may find themselves the focus of a ransomware incident.
It’s the small and medium businesses who are falling prey to these kinds of attacks. In fact, according to Coveware, most targets are now small and medium-sized businesses:
72 percent of businesses targeted by ransomware have 1,000 employees or less
37 percent of businesses targeted by ransomware have 100 employees or less
These attacks can have costly consequences; 46 percent of small businesses have experienced a ransomware attack and 73 percent ultimately pay a ransom with no guarantee of restoring their data. Of these, 13 percent of the polled small businesses reported paying over $100,000 to cybercriminals and 43 percent paid a sum between $10,000 and $50,000.
Ultimately? These large ransoms aren’t always successful—17 percent of hacked small businesses that paid their attackers recovered only some of the company’s data. But it isn’t just the payouts that add up; ransomware attacks can add up when it comes to downtime for service, as well as working downtime, insurance costs, and a damaged reputation.
What may be even worse is that now the tech industry is encountering a new foe: The emergence of Ransomware-as-a-Service. Unlike other as-a-Service solutions, this business model centers around for-hire ransomware attacks, where bad actors leverage their encryption tools, ransom collection capabilities, and sophisticated tactics, techniques, and procedures, for a cut of the profit. It’s a challenging time to think about security.
It’s estimated that with these and other like-minded ransomware efforts, the cost of ransomware damage across the globe hit $20 billion in 2021; a rate 57 times higher than what it was in 2015. The risk of ransomware or some other cyberattack seems to grow exponentially by the year. With this in mind, organizations must seek out a reliable, secure way to store and back up their data with data backup and recovery tools they can trust.
The need for ransomware protection is clear. But what can be done? With the rapid shift to working from home and cloud computing, tools like anomaly detection take a data-driven, automated approach to suss out potential ransomware attacks. This is achieved through adding anomaly detection to its ransomware protection toolbox.
Anomaly detection takes a threat-first approach, which means information security (infosec) teams can define what kind of threats or other atypical actions they hope to detect throughout their system, using customizable filtering and personalized detection thresholds. This allows organizations to find threats and protect against them faster than ever before. It’s a more focused approach to fighting against the very complex ransomware landscape.
With deeper Microsoft Azure Blob integration for Immutable Backups and integrated cloud bucket creation, Retrospect Backup 18.5’s anomaly detection and ransomware protection bolster StorCentric’s data-centric security approach to organizations’ critical infrastructure. Administrators have the power to tailor their individual filters and thresholds for each of their backup policies, and any apparent anomalies are then aggregated within Retrospect Backup’s Management Console—or even to a partner’s client base—so that anomalies can be adequately identified and addressed.
Retrospect Backup 18.5’s anomaly detection is designed to monitor your organization’s entire footprint from end to end, including the cloud, servers, network-attached storage (NAS), as well as all network endpoints. With a filter you set yourself, it removes the noise of less personalized anomaly detection tools so you can zero in on actual threats, only getting alerts based on your user-defined percentage of risk. Additionally, Retrospect Backup 18.5 provides automated email and surface alerts in analytics so you know about a potential threat the moment it’s been detected.
Ransomware is an unfortunate trend that isn’t going away anytime soon. As shared by JG Heithcock, General Manager of Retrospect, a StorCentric Company shared:
"As ransomware continues to grow in prevalence, businesses can leverage Retrospect’s new anomaly detection to quickly identify when ransomware has infected their infrastructure and rely on their immutable backups to restore any lost data. Anomaly detection is integrated into Retrospect’s policy-based workflow and with our hosted service, Retrospect Management Console, to ensure customers and partners are notified about anomalies as soon as they happen."
To help combat this, Retrospect Backup 18.5 comes with anomaly detection tools, as well as a host of other solutions designed to monitor for and address potential attacks and data breaches. One of these tools? An immutable backup—an unalterable backup that can’t be changed in any way—a write-once, read-many (WORM) designation. Not even an administrator can overwrite or delete these backups. They also cannot be accessed by any external hosts, and any writes to the system can only come from trusted APIs (application programming interfaces). As shared by Tech Target, “Immutable backups for ransomware offer some relief, but should be complemented by other data protection strategies–” which is where anomaly detection steps in to offer unmatched assistance.
Retrospect Backup 18.5 has been designed for the sole purpose of trusted backup protection—even in today’s climate of ever-increasing cyberattacks. To do this, Retrospect Backup 18.5 includes:
Retrospect Management Console Integration: Monitor anomaly detection and other features across your entire network on a single pane of glass.
Newly Improved Microsoft Azure Blob Integration: Establish your own immutable retention policies for each backup set in the same Azure Storage Container.
Streamlined Immutable Backup User Experience: Create cloud buckets automatically and create immutable backups that are supported by the default settings.
Retrospect has always been dedicated to providing small and medium-sized businesses with the reliable, trustworthy backup tools they need at the highest level of recoverability. That’s why we’re proud to introduce anomaly detection as part of our latest backup solution, Retrospect Backup 18.5; because it offers a much-needed additional layer of protection to keep bad actors out of your backups.
For over three decades discovering what works in the field and what’s coming next, we’ll give you the tools you need to secure your physical servers, endpoints, virtual environment, and business applications with backups you can count on. To learn more about our latest solution, connect with our team today.
Have feedback on this post? Let @retrospectinc know on Twitter.
Need help? Contact us.
Jana Kurita is Marketing Communication Coordinator at Retrospect and Drobo.