Back toData-centric resilience

Why data blind spots make you the perfect ransomware target


The ransomware threat is becoming a crisis. Figures from the NCC Group show that attacks grew exponentially last year – rising by 92.7% compared to the previous year. Meanwhile, Cybersecurity Ventures has predicted that the global damage caused by ransomware attacks could cost $265 billion by 2031.

What’s worse, ransomware keeps evolving. Where the first threats focused on encrypting and barring access to critical business data, groups like AvosLocker, Hive, and REvil now run double extortion campaigns, both encrypting corporate data and threatening to leak it to a forum or a dedicated site.

Some groups, such as DarkSide and Clop, are even threatening to contact customers and partners to alert them about breaches. Ransomware has always been available on the dark web as a service, but attackers now infiltrate organisations and then sell access to criminal third parties. The ransom itself won’t always be the only goal, with attackers looking to disrupt critical infrastructure as much as possible to earn payback.

“Ransomware is happening across the globe. It’s destructive and a huge problem, threatening trust. If people were to lose their confidence and no longer trust their bank or online retail shops, then rebuilding trust is [going to be a challenge].” – Brent Conran, CISO Intel

What makes this picture even more troubling is it comes at a time when enterprises are struggling to manage the exponential growth of data. Enterprises are generating more data than ever, particularly unstructured data. According to IDC, it now makes up around 80% of corporate data. This isn’t just a problem because unstructured data is more challenging to process and use, but because it’s less visible, less managed and near impossible to protect.

From unsanctioned cloud storage use to data held in email folders on personal devices and in Slack threads, unstructured data provides ransomware groups with rich opportunities for encryption, exfiltration and extortion. This lack of visibility is precisely why attackers are targeting storage.

The onus is on businesses to develop a data architecture around resiliency and security, but this is easier said than done. It requires enterprises to inventory and analyse their data, break down siloes and balance access with security. They need the visibility to manage and organise unstructured data and keep their blind spots covered. In the words of Nutanix CISO, Sebastian Goodwin, “Unstructured data is a critical asset in any business and cyber criminals are exploiting this now more than ever. We must therefore implement data security strategies that focus on resilience and continuous monitoring.”

Failure to do so could have serious consequences, not least soaring cyber insurance costs. According to the insurance broker and risk advisor, Marsh, Cyber insurance pricing in the US increased by an average of 96% year over year in Q3 2021, a 40% rise over the previous quarter, partly in response to growing ransomware claims. For some organisations, simply obtaining cover could prove awkward. A growing number of insurance carriers won’t insure a business without a comprehensive data map and data usage analysis, not to mention an incident response plan and drills. Organisations that choose to ignore their unstructured data might find this hard to demonstrate.

Ransomware doesn’t simply put your data in jeopardy, it also puts your business continuity at risk. Attacks are inevitable, but data losses, data breaches and attendant costs are not. This is why it’s crucial businesses address their unstructured data, build a robust data architecture, and fortify against ransomware and emerging cyber-threats. As attacks occur lower in the infrastructure stack, it's essential to have protection built in down to the silicon level. Intel® Crypto Acceleration removes the performance impacts typically associated with encrypting broadly, while Confidential Computing with Intel® Software Guard Extensions (Intel SGX) is ideal when handling data that is sensitive, private, or highly regulated. Nutanix plans to take advantage of these technologies in the future.

Meanwhile, Nutanix’s hardened software platform, with automated remediation, makes it harder for ransomware to get a foothold, and the network and application segmentation of Nutanix Flow makes it even more difficult for ransomware to spread. Embracing these – and other technologies don’t just help your business battle ransomware, it also adds resilience and agility to the business, as well as boosting the potential to grow. If you want to find out more, visit https://www.nutanix.com/uk/products/security to discover what you can do to protect your organisation.