Ransomware!!! – an Analysis of Practical Steps for Mitigation and Recovery

Library Content Type:
Publish Date: 
Tuesday, September 28, 2021
Event Name: 
Event Track:

Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful software that attackers use to damage, destroy, and gain access to sensitive information; software is identified as malware based on its intended use, rather than a particular technique or technology used to build it. Ransomware is a blended malware attack that uses a variety of methods to target the victim’s data and then requires the victim to pay a ransom (usually in crypto currency) to the attacker to regain access to the data upon payment (with no guarantees). However, the landscape is changing, and ransomware is no longer just about a financial ransom. Attacks are now being aimed at the infrastructure and undermining public confidence, witness recent headlines regarding incidents affecting police informant databases and oil pipeline sensors. There is also the recent US Treasury guideline to businesses advising them not to pay the ransom. What can we realistically do to prevent such attacks, or do we simply surrender and accept we will lose our data and that the insurance payout will cover any loss? There is increasing evidence that the insurance companies are unwilling to meet those claims, so the situation is perilous as the criminals always appear one step ahead. As a starting point, everyone needs to start assuming they will be attacked at some stage – therefore prevention and mitigation strategies should be based on that assumption. This session outlines the current threats, the scale of the problem, and examines the technology responses currently available as countermeasures. What can be done to prevent an attack? What works and what doesn’t? What should storage developers be thinking about when developing products that need to be more resilient to attack?

  • Current ransomware trends and scale
  • Effectiveness of current data protection technology
  • What other defensive measures should be considered