Blog
19 September, 2023
The statistics around ransomware attacks are both well documented and consistently changing for the worse. CEOs and CIOs of companies large and small are beginning to recognize that data protection is mission-critical and that investment in prevention and recovery can potentially save them millions down the road.
The problem is, as technology progresses and becomes more and more sophisticated, ransomware attacks are advancing and becoming more sophisticated as well. Whereas past attacks targeted the primary data environment, recent attacks have focused also on encrypting and corrupting backup data, eliminating the company’s safety net and enabling attackers to steal and extort.
Luckily, there are increasingly successful ways to stay a few steps ahead. While there are a number of choices when handling a ransomware attack, restoration of data from backup is by far the most effective and efficient method of recovery. That’s where TeraSky and Dell EMC PowerProtect Cyber Recovery Solution can help.
PowerProtect Cyber Recovery provides a secure architecture for hosting backup images, located in an isolated vault and completely hidden from attackers. The vault is disconnected fully from the primary environment by Air Gap, connecting only briefly and periodically to complete an update. This approach provides companies confidence that they have a safe backup for recovery, and the ability to know which backup version is correct in the event of an attack. Further, the system’s multiple layers of security and controls – via users, roles, privileges, and authentication protocols – preserve confidentiality and data integrity. With cryptography, auditing, and logging built-in, Cyber Recovery’s security components are cutting edge. The process is fully automated, providing notifications upon suspicious activity.
For companies that want an added layer of backup protection, Cyber Recovery offers adaptive analytics, machine learning, and forensic tools to detect, diagnose, and accelerate data recovery. The system boasts three primary components for determining data integrity:
- Metadata – Surface-level indexing of file system attributes to identify obvious data corruption. This level of analytics is important and has become standard but is insufficient and will result in a significant percentage of both false negatives and false positives.
- Content – Cyber Recovery goes beyond metadata to provide deep analysis inside all files and databases – not just file names – to uncover attacks that are missed by metadata-only analysis. Searching within the file contents, the system identifies signs of unusual corruption, encryption, and manipulation as soon as possible.
- Time – Finally, Cyber Recovery provides accurate analysis of how the data has changed over time, identifying slow-moving and sophisticated attacks that make subtle, easy-to-miss changes. Combined with metadata and content analysis, the dimension of time means Cyber Recovery identifies even the most sophisticated attacks.
TeraSky’s team includes top Dell experts, with first-hand knowledge and experience implementing PowerProtect Cyber Recovery for some of the world’s most recognized companies. If data is your business, we’ll help you assess your needs and implement Cyber Recovery for maximum control of data and infrastructure with a secure, isolated on-prem vault and multiple layers of physical and logical security. With Cyber Recovery’s added analytics and machine learning to monitor data integrity, TeraSky will see to it that you minimize the likelihood of a successful ransomware attack, reduce recovery time and damage, and increase resiliency.