Ransomware, NetApp and You

The world is a nefarious place. All you have to do is read the latest headlines to see why.

As the use of the Internet has expanded to include things like cloud and the Internet of Things, the number of threats have also expanded. Computer viruses, root kits, spoofing, phishing, spear phishing, denial of service attacks, hacking, Nigerian princes promising a million dollars to your 75 year old mother in law… all of these things are challenges that IT professionals face every day.

One of the nastier security issues out there is something called “ransomware.” It’s exactly what it sounds like – someone gets control of your data via one of the aforementioned ways and encrypts it and holds it ransom, usually for payment in dollars or bitcoin. It’s the Internet version of “Taken” and it often requires someone with a very particular set of skills to combat.

69718596602d11906ebc9004d38b4d6cdea2f1eec494dda537d49f3aac4e52c6

How do you combat ransomware?

There are essentially two ways to combat ransomware:

  1. Threat prevention via securing your networks, authentication and user education.
  2. Restoring from backup (wait. Did we backup???)

NetApp has long been known for its superior Snapshot technology, but with ransomware, it now has a new use case.

If you store your data on NetApp storage and keep a regular cadence of snapshots, you can recover nearly instantaneously from ransomware attacks and be back in business in minutes. Snapshots are readonly, so they can’t be modified by attackers. If someone locks your data up, unlock it by rolling back to happier times, such as when your data was not being held hostage by ransomware.

Matt Watts (@mtjwatts) recently did an excellent job coming up with “10 Good Reasons” for NetApp with regard to ransomware protection. Here is the infographic:

whynetapp

NetApp won’t necessarily prevent ransomware, but they can help get you out of a sticky situation.

In addition to the above, NetApp Security Technical Marketing Engineer Andrae Middleton (Andrae.Middleton@netapp.com) wrote up a Technical Report on Ransomware and NetApp that will be out very soon. You can find that here:

http://www.netapp.com/us/media/tr-4572.pdf

Andrae also has some other useful NetApp security related documentation here:

DS-3846: Security Features in ONTAP 9

TR-4569 Security Hardening Guide for ONTAP 9

We also had Andrae on the Tech ONTAP podcast, along with NetApp A-Team member Jarett Kulm (@jk47theweapon):

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s