Ransomware is a huge global threat to businesses around the world. You've heard about the high-profile attacks: Colonial Pipeline, JBS, Garmin, Acer.

But many people now know a colleague whose business was attacked. It's more prevalent than you might think.

That's because the majority of corporate targets are small and medium businesses. 72% of targeted businesses have fewer than 1,000 employees, and 37% have fewer than 100. These aren't large corporations with the resources to plan for this vector of attack. These are small businesses that have one or two IT administrators on staff or even no in-house IT.

Businesses are projected to pay out $20B in 2021, a 100% Y-o-Y increase for the last four years, and it's only going to get worse with new business models like RaaS: ransomware-as-a-service.

The problem for companies is that their storage is always connected with full access for admins. When ransomware gets the administrative credentials, it has full access too. There is no policy to say that no one, not even the administrator, can change this file for a set amount of time.

Ransomware attacks are increasingly sophisticated, having the capability of watching for cloud account credentials, deleting backups and cloud storage, then encrypting everything and demanding a ransom. It's imperative to build defenses against these escalating attacks. SMBs and large businesses need a backup target that allows them to lock backups for a designated time period.

Cloud Object Lock does just that. Because cloud storage providers like Amazon S3 control the API, they can add features like Object Lock, also referred to as Write-Once-Read-Many (WORM) storage or immutable storage. This lock is a retention policy for a specific version of a file that is locked from changes from every user, including the administrator. You can think of this as a virtual air-gap in the cloud because there is no way, barring to close the account, to delete that file before the retention date is passed.

Retrospect Backup utilizza Object Lock per creare backup immutabili. Questi backup vengono bloccati per uno specifico periodo di tempo. Gli utenti possono impostare un periodo di conservazione per i backup archiviati su piattaforme cloud di supporto. Durante questo periodo di conservazione immutabile, i backup non possono essere eliminati da nessun utente, anche qualora un ransomware o un agente dannoso acquisisse le credenziali di root.

La protezione dai ransomware di Retrospect Backup è certificata con Amazon S3, Microsoft Azure Blob Storage, Google Cloud Storage, Wasabi, Backblaze B2 e MinIO.