Skip to content
11:11 Systems
Rethink Connected
11:11 Systems11:11 Systems
  • Why 11:11
    • Submenu
      • Column 1
        • 11:11 Systems Consulting
          Consulting Services
          Global Regions
          Cloud Regions
          11:11 Systems Security
          Security

      • Column 2
        • Cloud Console
          Cloud Console
          Catalyst
          Planning and Assessment
          Compliance
          Compliance

      • WHY CHOOSE 11:11
      • Overview
      • Leadership
      • News & Media
      •  
      • Careers
      • Technology Partners
      • Customer Stories
  • Products & Services
    • Products & Services
      • CLOUD
      • Cloud Overview
      • Public Cloud
      • Private Cloud
      • Object Storage
      • Cloud Labs
      • Colocation/Bare-Metal
      • BACKUP
      • Backup Overview
      • Veeam Backup
      • Microsoft 365 Backup
      • Managed Backup for Cohesity
      • Data Protection Services
      • DISASTER RECOVERY
      • DRaaS Overview
      • DRaaS for Veeam
      • DRaaS for Zerto
      • DRaaS for Azure
      • Managed Recovery
      • Cloud Recovery
      • Cyber Incident Recovery
      • Business Continuity Consulting and Services
      • Physical Infrastructure Recovery Services
      • SECURITY
      • Security Overview
      • Continuous Risk Scanning
      • Managed Detection and Response
      • Managed SIEM
      • Managed EDR
      • Managed Firewall
      • CONNECTIVITY
      • Connectivity Overview
      • SD-WAN
      • Multi-Cloud Connect
      • Managed IP
  • Solutions
    • Solutions Submenu
      • INDUSTRY
      • Education
      • Financial
      • Government
      • Healthcare
  • Partners
    • Partners Submenu
      • Overview
      • Become a Partner
      • Partner Portals
  • Resources
    • Resources Submenu
      • Events
      • Webinars
      • News & Media
      • White Papers
      • Podcast
      • Data Sheets
      • Customer Stories
      • Innovation Blog
  • Support
    • Support Submenu
      • Contact Support
      • Product Documentation
      • API Documentation
Search:
  • Console Login
  • Contact
Header Right Menu
Free Trial
  • Why 11:11
    • Consulting Services
    • Cloud Console
    • Cloud Regions
    • Planning and Assessment
    • Security
    • Compliance
    • WHY CHOOSE 11:11
    • Overview
    • Leadership
    • News & Media
    • Careers
    • Technology Partners
    • Customer Stories
    • Blog
  • Products & Services
    • CLOUD
    • Cloud Overview
    • Public Cloud
    • Private Cloud
    • Object Storage
    • Cloud Labs
    • Colocation/Bare-Metal
    • BACKUP
    • Backup Overview
    • Veeam Backup
    • Microsoft 365 Backup
    • Managed Backup for Cohesity
    • Data Protection Services
    • DISASTER RECOVERY
    • DRaaS Overview
    • DRaaS for Veeam
    • DRaaS for Zerto
    • DRaaS for Azure
    • Managed Recovery
    • Cloud Recovery
    • Cyber Incident Recovery
    • Business Continuity Consulting and Services
    • Physical Infrastructure Recovery Services
    • SECURITY
    • Security Overview
    • Continuous Risk Scanning
    • Managed Detection and Response
    • Managed SIEM
    • Managed EDR
    • Managed Firewall
    • CLOUD CONNECTIVITY
    • Connectivity Overview
    • SD-WAN
    • Multi Cloud Connect
    • Managed IP
  • Solutions
    • INDUSTRY
    • Education
    • Financial
    • Government
    • Healthcare
    • Column 2
  • Partners
    • Overview
    • Become a Partner
    • Partner Portals
  • Resources
    • Events
    • Webinars
    • News & Media
    • Whitepapers
    • Podcast
    • Datasheets
    • Customer Stories
    • Innovation Blog
  • Support
    • Contact Support
    • Success Center
    • API Documentation
  • Contact
  • Console Login
  • Free Trial
Author: 11:11 Systems
Date: November 10, 2020

Ransomware Protection

The single most critical aspect of being a Cloud Service Provider is the security of our customers’ businesses. Delivering Cloud Service means enabling our customers to conduct business on a safe, secure platform. Malware attackers are in direct opposition to this goal; they rely on disrupting businesses in order to extort money from them. That means that as malware attackers develop new vectors of disruption, Cloud Service Providers have a responsibility to adapt.

Security is a back-and-forth between threat and protection. Antivirus software was developed as a response to the first wave of Trojan Horse and Worm attacks on business infrastructure. As malware attacks became more sophisticated, so too did anti-malware, leading to the development of AI-driven malware recognition and Sandbox technology.

The most recent adaptation for Service Providers is Ransomware Protection through WORM (Write Once, Read Many), also known as Storage Immutability. Green Cloud’s new Secure BaaS offering incorporates Ransomware Protection through a Cloudian storage back-end. Combined with Veeam’s industry-leading Backup and Replication solutions, we are excited to offer our partners a proven way to protect their customers against ransomware.

The Problem of Ransomware

Due to the nature of their work, Service Providers must be familiar with malware in its many forms. It can infiltrate a network through any number of vectors: email attachments, malicious thumb drives, social engineering, or even hand-crafted false web pages. Ransomware isn’t that different from traditional malware in this sense; it still uses all of these same vectors to achieve access to a target network.

Ransomware distinguishes itself from common malware by turning encryption, a tool generally used to secure data, into an attack. Encryption is a process by which data is transformed into a different form, a code, after which the original data can only be accessed with a specific key. The ransomware randomly generates a key, encrypts all data available to it, and then sends that key back to the attacker. That way, only the attacker has access to business-critical data, which lets them hold it for ransom.

After it became evident that ransomware was a critical threat, Service Providers began instituting rigorous backup requirements. Attackers have answered with a simple strategy: encrypt or destroy backups first. Once malware has made its way onto a network, the attacker can delay encryption (referred to as an Incubation Period) until they have located and destroyed any backups. That means the Service Provider will be in for a nasty surprise when they attempt to restore that client’s data.

How WORM Works

WORM is the latest response from the security community against ransomware attacks, and it stands for Write Once, Read Many. In order to prevent backups from being destroyed or overwritten, security researchers defined a new standard for storage systems that prevented anyone, even system-level administrators, from modifying backup data. This may sound simple in principle, but is quite difficult to design and execute. Additionally, it is not a simple plug-and-play software implementation – WORM must be supported on the storage array itself.

Access to data on the storage array must be limited to a highly restricted, security-hardened account. No remote account or utility is allowed access to write data to the array. Once this feature is enabled, data is written once to the disk, and then locked for a pre-determined period of time. In order to interact with this storage, users send and retrieve data through a management utility such as an Object Storage API.

During our search for a comprehensive ransomware solution, Green Cloud came across Cloudian. Already a proven storage provider, Cloudian’s implementations of WORM and Data Immutability on their storage array drew our attention because of their strict compliance with governmental regulations. Cloudian’s integration with Veeam made it a natural fit for Green Cloud’s BaaS offering.

Ransomware Protection In Action

Let’s take a look at how WORM-enabled storage performs during a ransomware attack, in contrast with standard storage. When an attacker first infiltrates a network, they will make sure they have repeatable access to that network. Then begins the Incubation Period, where the attacker lays low on the network while collecting data.

Backups are the primary target. If possible, the attacker will locate and modify backup data. This can be in the form of encryption, configuration changes to remove drives from the backup job, or outright deletion. Traditional storage offers no protection against this type of attack. If the attacker gains access to the backup storage medium, they can wipe out months or years of user data to ensure that their ransom attack is successful.

In contrast, when the attacker attempts to write over backups on WORM-enabled storage, they find that the data cannot be modified in any way. Even modifying the backup job to contain bunk data will not destroy or overwrite the existing backups. This greatly extends the incubation period, which means more time where the malware can be detected and removed by Endpoint Protection or other anti-malware solutions.

Ransomware Protection and Secure BaaS

Enabling our partners to deliver a safe, secure platform on which customers can do business is a priority for Green Cloud. Veeam emphasizes that Service Providers should follow the “3-2-1 Rule” when designing their backup infrastructure:

  • Have at least three copies of your data.

  • Store the copies on two different media.

  • Keep one backup copy offsite.

Green Cloud’s BaaS has allowed us to fill a critical data protection role as a remote repository for on-site backups. Secure BaaS, our new offering powered by Veeam Cloud Connect and Cloudian Storage, offers a Veeam Repository that is fully protected against ransomware and malicious deletion.

For more information on Secure BaaS and Ransomware Protection, feel free to contact your Account Manager, or visit https://greenclouddefense.com/contact-us/.

Category: SecurityBy 11:11 SystemsNovember 10, 2020
11:11 Systems

Author: 11:11 Systems

Post navigation

PreviousPrevious post:Protect Any Workload from Ransomware with the Veeam Agent and Secure BaaSNextNext post:Veeam 12 Preview — Object Storage

Related Posts

ransomware, cyber attack, cyber insurance
As MGM Struggles Amid Ransomware Fallout, Data Recovery Lessons Abound – Part 2
September 21, 2023
Veeam, AWS, and 11:11 Systems logos
Best in Class for Data Protection
September 20, 2023
cyber threats, cyber attacks, cyberthreats, cyberattacks, cyber incidents, ransomware
As MGM Struggles Amid Ransomware Fallout, Data Recovery Lessons Abound
September 18, 2023
layered security strategy
Why a Layered Security Strategy Matters
September 11, 2023
protect your brand reputation from cyber-attacks, stay under the radar
“Flying Under the Radar:” How to Protect Your Organization’s Reputation
August 31, 2023
Managed NGFW
“Don’t be a “Holdover”: Is it time for a Next Generation Firewall?
August 22, 2023
PRODUCTS & SERVICES
  • Cloud
  • Backup
  • Disaster Recovery
  • Managed Security
  • Connectivity Solutions
  • Compliance
COMPANY
  • Why 11:11
  • Customer Stories
  • Careers
  • Leadership
  • Technology Partners
  • News & Media
  • Contact Support
CLOUD REGIONS
  • North America
  • EMEA
  • APAC
CONNECT
  • LinkedIn
  • Twitter
  • Youtube

© 2023 11:11 Systems Inc., All Rights Reserved | Privacy Notice |

Go to Top

https://1111systems.com/wp-content/uploads/2023/04/HPE-video-for-1111-SKO.mp4

https://1111systems.com/wp-content/uploads/2023/04/Dell-Global-Alliance-video-for-1111-SKO.mp4