October is National Cybersecurity Awareness Month – the perfect time to learn more about different potential threats, and how to best protect your agency from them.
In late August, I participated in a Carahsoft/RSA event at the Washington D.C. Spy Museum focused on the cybersecurity threat known as “ransomware.” This threat is malware that infects computers, networks, and services, then locks the target using cryptography and notifies the target user(s) they will lose their data unless they pay a “ransom” to unlock, or decrypt their data. There is usually a very specific period associated with the ransomed data – usually measured in hours, or a few days at most. If the ransom is not paid, the encryption key will be destroyed – and access to the data will be lost forever.
The ransomware threat can be very compelling, according to keynote speaker Agent Stacy Stevens, Chief for Mission Critical Engagement Unit of the FBI Cyber Division. She noted that their Internet Crime Complaint Center (IC3) registered an increase in exposed losses of $939 million in 2016, up from just $4.5 million in 2013. Despite the risk, the FBI does not advise paying the ransom to secure the key and decrypt the data – there is never any real guarantee the key will be provided. They also note that paying the ransom only funds more illicit activity and emboldens the adversary. Simply put, the best advice offered by Agent Stevens to prepare for and/or counter the ransomware threat, is to “backup your stuff.” This precaution will enable organizations to minimize the potential loss of data and enhance operational resiliency and recovery.
Patrick Potter, GRC Strategist for RSA, covered many relevant topics on resiliency management and the ransomware threat. He cited a recent Interagency Report that documented over 4,000 daily ransomware attacks since early 2016 – a 300% increase over the 1,000 per day experienced in the Federal government in 2015. He went on to note the growing emphasis on resiliency – the ability to fight through or quickly rebound from attacks – observing that organizations are increasingly moving towards resiliency versus recovery models.
Given increasing emphasis on business and cybersecurity resiliency, it is vital to ensure our partners and customers are aware of the innovative data storage options that exist to support the desired level of operational flexibility. Of particular interest will be any of the Intelligent Data Storage (IDS), also known as Software Defined Storage (SDS), capabilities – such as Isilon, ScaleIO, and ECS – that offer a range of inherent cybersecurity resiliency features and functions not typically found in traditional hardware-based storage solutions. For instance, the ability to leverage erasure coding algorithms to store the data; non-rewritable/non-erasable storage options; the ability to protect the data from malicious or accidental alteration, consistent with stringent federal requirements such as SEC 17a-4; and, features turning the data storage itself into a proactive, data-driven component of an enterprise cybersecurity early-warning solution.
All of these SDS features enhance the cybersecurity resiliency of mission critical business environments. Furthermore, cybersecurity is frequently one of the first opportunities for introducing big data analytics solutions, such as Splunk or Hadoop, into an enterprise. The initial introduction of these powerful cyber analytics tools can provide a tremendous, and high return-on-investment (ROI), impetus for expanding an organization’s data storage capacity, based upon real risk reduction and cost savings. The implications of an improved cybersecurity resiliency operation can lower overall operational risk and expand the data storage requirements – providing more access to data for better decision making and higher probability cyber forensics.
For more information, contact your regional Dell Technologies cybersecurity expert, or feel free to ping me at firstname.lastname@example.org.