Ransomware is a concept that most of us had barely heard of a decade ago, and yet today it has become an ongoing existential challenge for everyone from the laptop owner to the hyperscaler.
An IDC report* from January 2023 entitled 'Developing ransomware resilience with multilayer network, storage, and data protection architecture' found that two-thirds of global organizations were subject to ransomware attacks in 2022.
In 2023, an attack on the MOVEit application stole the personal information of employees of multinationals including British Airways, the BBC, the Boots-Walgreens Alliance, and even the UK telecoms regulator OFCOM. Hacking gang CLOP has taken responsibility for the onslaught, threatening to release their cache into the public domain if ransom payments were not forthcoming.
For data centers, it is vital to block such bad actors before they can gain access to individual customers’ systems in the first place, both as a guardian of sensitive information, and protection of vendor reputation. Answering this call comes Huawei’s Multilayer Ransomware Protection, a rack-mounted all-in-one shield against bad actors, leveraging Huawei’s decades of experience in the field, and the power of artificial intelligence.
At this year’s Mobile World Congress in Barcelona, Huawei’s Michael Qiu, president of Global Data Center Marketing and Solutions told delegates, “Ransomware has become one of the most serious threats to businesses globally.
Last year, Huawei launched a four-layer storage solution, which helped many customers defeat ransomware attacks. This year, our new multi-layer ransomware protection (MRP) technology built on network-storage collaboration reinforces the protection. It minimizes the impact of ransomware attacks on your business, delivering even zero service downtime.”
As long as ransom attacks remain profitable, they will continue to grow, and along with this, will come a greater demand for regulation from industry, regional legislatures, and governments. This means that protecting data centers and their customers from ever more complex threats will become not just a moral, but a legal obligation. With these ransomware incidents becoming ever more complex, it will be down to security providers like Huawei to offer flexible, evolving solutions.
Protecting against ransomware is still just as important if you’ve already navigated an attack. Once you’ve paid up, some criminals will see you as a soft target and make a beeline to see if you’ll do it again. As long as your system isn’t adequately protected, make no mistake, you are a potential victim of ransomware.
Integrating a system like Huawei’s MRP, which has been shown to detect all of the 537 ransomware types in current circulation, according to recent testing by 360 Security Solutions, is a vital part of your responsibility to run a trustworthy data center.
The result of all this research and development is a six-layer system with distinct advantages at every step of a ransomware attack, all augmented by AI-powered intelligent ransomware detection and an automatic response mechanism. At the network boundary, the AI detection engine of Huawei MRP is equipped with an exclusive clustering and classification algorithm. The detection rate of malicious domain names reaches over 99 percent, and malicious programs are blocked promptly, to prevent sensitive data leakage.
Within the intranet, Huawei's exclusive network-storage interworking technology uses intelligent technologies to detect situational awareness, restore ransomware attack paths based on threat events, deliver interworking policies, and automatically isolate lost hosts to prevent virus files from being backed up, all of which means that threats can be handled in minutes. In the post-attack phase, snapshot copies are compared using an in-depth analysis of content and integrity. The result is a 99.9 percent ransomware detection success rate.
Huawei ransomware solutions are created and maintained by a team based in multiple global locations, allowing them to better understand customer needs and help to design and develop better products and solutions. In addition to this, the execution of an AI layer means that products are constantly self-improving, with greater levels of detection and fewer false positives. In addition, users can create a white list for unusual traffic patterns that have a genuine purpose.
Thanks to an industry-first network storage linking solution, Huawei MRP can provide early warnings, reducing the risk of user data being held to ransom, but if the worst happens, Huawei offers dedicated backup storage devices which produce the industry's fastest recovery speed of 172TB/hour, meaning customers can expect accelerated service recovery and minimal downtime.
As part of Huawei’s commitment to helping businesses understand the risks and be fully aware of their potential vulnerabilities, the company’s ransomware protection is fully compliant with the NIST Cybersecurity Framework. Organizations must understand their overall network readiness and cybersecurity risks and can use this framework as an important tool to understand risks and develop methods to move into a more appropriate and sustainable risk environment and readiness.
For ease of use and deployment, MRP can be activated and controlled directly from the GUI of Huawei’s dedicated storage devices without any installation or deployment of software. Alternatively, you can deploy MRP on a third-party device, by installing the relevant software and configuring it on-screen. Creating an “isolation zone” for suspect files can be achieved using Huawei’s BC Manager application, deployed on a local server or virtual machine.
Huawei’s ransomware protection solutions are fully compatible with industry-leading backup software vendors to provide customers with many options. They can use the solution to restore data copies in both the production and isolation areas to restore production.
It can detect labeled clean duplicates, such as storage snapshots, for quick recovery in seconds, or use the clean backup duplicates to restore data in earlier periods through backup software.
IDC’s recent report found that for companies with fewer than 1,000 employees, the average ransom to decrypt their data is around $120,000, rising to nearly $400,000 for companies with more than 20,000 staff. Paying the ransom doesn’t always trigger the data to be unlocked, with it being either destroyed or leaked by the hackers, despite payment. So the question should never be whether you can afford a ransomware solution – it should always be, can you afford not to have one?
Learn more about Huawei’s multilayer ransomware solutions.
*The report 'Developing ransomware resilience with multilayer network, storage, and data protection architecture' was produced by IDC and sponsored by Huawei.
Some recent ransomware attacks on data centers
-
Rackspace: ransomware incident was caused by ‘zero-day’ exploit, Hosted Exchange service will not be coming back
Company says customer data was accessed but not viewed or misused
-
Major InterContinental Hotels Group outage blamed on "unauthorized activity"
Customers struggle to book as systems go offline
-
Customers sue 365 Data Centers over alleged ransomware which caused outage
365 Data Centers' negligence meant an attack on customer data took down its whole cloud, says class action complaint