Ransomware has become a buzzword for all the wrong reasons and firms with sensitive data are being targeted despite having highly sophisticated data security systems. WannaCry ransomware was a wake-up call for data centers across the world and made the firms to rethink their data security strategies. The recent Petya Ransomware attack is called a powerful successor to WannaCry by many but experts are divided in their opinions about Petya. Many comments that Petya is actually a cyber attack in disguise. They could be right as there is no real payment gateway available to pay the ransom which could have been done intentionally. If this might be true, we are already witnessing an era of data vulnerability. International experts say that the impact of Petya is much worse than WannaCry with no options of data recovery.
Many feel that the Petya 2017 ransomware attack is modified and much powerful attack than its predecessor, Petya 2016 while others do not agree with it. But most technical experts solemnly accept the fact that this particular attack was not designed to make money. Hence, Petya was actually designed to cause deliberate damage to the firms and ironically, firms think that they can still get back their data by paying ransom to the attackers. It has a smarter mechanism than WannaCry i.e the malicious software spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Windows or through two Windows administrative tools. The malware tries one option and if it doesn’t work, it tries the next one. “It has a better mechanism for spreading itself than WannaCry,” said Ryan Kalember, of cyber security company Proofpoint as quoted in an article of The Guardian. It is expected that such types of ransomware attacks will only get stronger and if organizations are not ready to address data security challenges, they are in huge data loss as the data is never going to be recovered even if the organizations are going to pay a huge ransom.
Let’s keep it brief. Strong firewall settings, regular backups, using Linux OSs, ensuring that storage is safe from attacks are all important to prevent such attacks. Few backup vendors claim that they have specialised solutions designed to detect ransomware attacks. It might be beneficial but we need to understand that one ransomware attack is definitely different from another one sensing the pattern of such attacks. Also, such specialised solutions might need additional resources thereby affecting the production environment. Vembu BDR Suite has its own filesystem, VembuHIVE which allows any type of storage to be scaled to the backup server. Also, Vembu provides additional data protection through Vembu OffsiteDR by which incremental data is sent to the DR site. Hence even if the incremental data is affected, the previous full backup and incrementals are present in the DR site which can be recovered. Since Vembu BDR Suite is designed by various use cases ensuring maximum data protection to the data center, firms can choose and customize their backup plan accordingly.