Subscribe

SA companies unprepared for harsh realities of ransomware attacks

By Tracy Burrows
Johannesburg, 17 Jun 2021
Fred Lherault.
Fred Lherault.

The number of ransomware attacks is increasing, yet most local organisations are ill-prepared to mitigate the risks of the actual attacks, or to recover after such an attack.

This is according to Fred Lherault, field CTO EMEA/Emerging markets at Pure Storage, who was speaking ahead of a Pure Storage webinar on ransomware.

Pure Storage notes as many as 60% of organisations dealt with a ransomware attack in 2019, and this type of attack is on the increase. A recent IBM Security report found a sharp increase in the size of the ransom demands being made – and in the costs associated with such a breach – which now average $2 million.

“The cost of lost business can be higher than the ransom itself,” says Lherault. “Few organisations can afford to be offline for the days or weeks it can take to restore all their systems and data.”

Whether a targeted organisation pays a ransom or not, it is likely to suffer serious business continuity challenges as a result of an attack. Lherault says: “We have seen a number of cases where an organisation whose data was encrypted in a ransomware attack has tried to recover the data themselves without paying the ransom, but they discover it could take days or weeks to recover and may then be tempted to pay the ransom. But even those who do pay the ransom and receive the decryption tool may find it does not decrypt the data quickly enough to avoid business downtime. It can take days or weeks to decrypt hundreds of terabytes of data. This is why, in our view, it is essential to have a rapid recovery solution that can restore as much as a petabyte of data in as little as one day.”

Lherault says in addition to rolling out a rapid recovery solution, organisations should mitigate the impact of ransomware attacks through incident response planning and testing. “Entirely securing the perimeter against attack is pretty much impossible – there will always be a door open somewhere. Therefore organisations need to test their tools and processes and demonstrate that they can recover by running simulated attacks,” he says.

Pure Storage will host a webinar on 22 June – on ransomware protection and augmenting data protection strategies to deal with it – as part of the ITWeb Cloud and Data Centre Webinar Series. This event will address the importance of key cyber security investments, controlling access to secure files and data through admin rights and privilege management, and backing up files through frequent snapshots and other data protection methods. Lherault will share the latest data on ransomware trends, what the threat vectors are, highlight real life examples of attacks and expand on Pure Storage solutions. For more information and to register, go to https://www.itweb.co.za/webinar/pure-storage-ransomware-protection-and-augmenting-data-protection-strategies-to-deal-with-it/