Ransomware: It Makes You ‘WannaCry’
A security expert gives his take on data and cloud security policies in light of recent ransomware attacks. Read on for more!
Join the DZone community and get the full member experience.Join For Free
It may be a silly name, but it certainly is not a silly topic. You are likely aware of the recent ransomware attack known as WannaCry that has infected more than 230,000 computers in 150 countries since Friday, May 12th. Among the notable victims are the National Health Service and FedEx, that have been asked for ransom payments in bitcoin.
Recent attacks like these have brought to our attention the importance of enterprises to protect themselves and their customers.
An Ounce of Prevention and a Good Backup
One area where CIOs have turned their attention is security software, and there are numerous innovative solutions that use the power of machine learning and AI to address prevention of such attacks. While there are many solutions available, CIOs need to be aware that there is no failsafe prevention solution based upon AI/ML or firewall technologies. Instead, CIOs need to recognize prevention is merely one piece of an overall protection strategy.
While CIOs and IT/System Administrators evaluate the strategies and dangers posed by attacks, they can take steps to ensure they are protected against such attacks through insurance. This insurance strategy is well understood, cost-effective, and likely well-practiced within their existing organization.
The insurance strategy under discussion here is backing up your data, also known as data protection. Having a data protection strategy does not necessarily prevent an attack from occurring but enables an organization to destroy all affected data, then recover all data from a backup taken before the data was infected. Many, but unfortunately not all, of the organizations recently impacted were able to address their security vulnerability and leverage backup copies to restore their data and avoid ransom requests.
But, What About the Cloud?
The rapid rise of multi-cloud infrastructure and next-generation cloud applications adds an additional layer of complexity to the challenge. A common belief held by many CIO’s is that if their data is safe in the cloud. This could not be further from the truth. A comprehensive data protection strategy needs to take all of the following factors into account:
- Your application data needs to be protected even if the data is distributed across multiple data centers.
- Your application data needs to be protected for multi-cloud and hybrid cloud environments.
- Next generation applications built on highly distributed, eventually, consistent database platforms also need to be protected.
The cloud is not immune to ransomware attacks, so organizations need to be more vigilant than ever to ensure they are protected not just within their data center, but everywhere their data resides, and that means the cloud! A comprehensive data protection strategy will give you no reason to ever ‘WannaCry.’
Published at DZone with permission of , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.