From the Blogosphere
Thwarting Ransomware Attacks | @CloudExpo #BigData #ML #Cybersecurity
As technology gets increasingly complex, it’s a foregone conclusion that we will be coming face to face with security threats
By: Nitin Donde
Aug. 4, 2017 12:00 PM
Having an Actionable Disaster Recovery Plan Is Crucial in Thwarting Ransomware Attacks
As we have seen over and over again, a new wave of ransomware attacks has been plaguing large parts of Europe over the last couple of weeks. While the affected individuals and organizations are struggling with the very tangible business impact of the loss of revenue and operations, it's critical to step back and review what else one could do to mitigate and minimize the damage from such attacks in the future.
Not everyone seems to be agreeing on the exact name of the attack - however this particular strain is apparently from a family of attacks that uses EternalBlue, an exploit developed by NSA, along with an MS Office / WordPad vulnerability discovered earlier this year. While the previous ransomware attack was known as WannaCry, this latest attack goes by several names - Petya, Petrwrap or GoldenEye, and is reportedly more malicious than WannaCry. WannaCry would simply encrypt some of the files on a filesystem and demand ransom in exchange for a decryption key; yet this latest attack goes ‘all out' and encrypts the entire filesystem. Specifically, it encrypts the filesystem's MBR (Master Boot Record) in addition to encrypting the user's files and directories.
Consequently, victims could not restart their infected computers, much less find ways to recover their ransomed data. The targets seemed to be computers running Windows, and Microsoft has released a fix for the issue as part of its monthly patch for June.
As technology and the world at large gets increasingly complex, it's a foregone conclusion that we will be coming face-to-face more with security threats and other malicious behavior of this nature. However, having an actionable disaster recovery plan in place can make it easy to rebound after an attack with just a minimal impact on business operations.
The most important measure one could take in this regard is to have rigid security hygiene. At an individual level, this means exercising judgement and prudence while dealing with unknown data (emails, attachments, PDFs and JPEGs). At an organization level, this means ensuring that everyone's running the most up-to-date OS versions on their computers and that incoming and outgoing data are properly vetted using state-of-the-art security procedures.
The second line of defense should be a rock solid backup architecture. Historically, OS vendors have been slow to catch up to new and evolving security threats. Consequently, there's always a short window of opportunity for attackers, where they can hack into systems and take control of critical data and applications before the OS vendors have had the opportunity to release a security patch. Having a backup architecture that involves making multiple point-in-time copies of data across geographies provides protection against such eventualities.
Moreover, the backup architecture must be smart enough to make copies of not just the data but the metadata as well. For instance, an organization that was backing up data and metadata in this manner would have been impervious to all of the recent ransomware attacks.
The future, however, truly belongs to intelligent threat sensing backup architectures that can look for patterns of data movement and churn, and build custom predictive models to immediately flag an event as a possible threat or intrusion. While providing intelligent ongoing predictive inputs, such systems can also help an organization recover their data to a previous pristine point in time so that business operations may resume anew.
If organizations are not thinking through the implications of data loss, they leave themselves exposed to not only a lengthy data restoration process, but the possibility of not being able to recover their data at all. Making sure to have a solid backup and recovery process in place helps keep companies fully covered and ready to restore should the need arise.
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo, October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Track 1. Enterprise Cloud | Cloud-Native
Cloud Expo | @ThingsExpo 2017 Silicon Valley
Cloud Expo | @ThingsExpo 2018 New York
Download Show Prospectus ▸ Here
Every Global 2000 enterprise in the world is now integrating cloud computing in some form into its IT development and operations. Midsize and small businesses are also migrating to the cloud in increasing numbers.
Cloud Expo is the single show where technology buyers and vendors can meet to experience and discus cloud computing and all that it entails. Sponsors of Cloud Expo will benefit from unmatched branding, profile building and lead generation opportunities through:
For more information on sponsorship, exhibit, and keynote opportunities, contact Carmen Gonzalez by email at events (at) sys-con.com, or by phone 201 802-3021.
The World's Largest "Cloud Digital Transformation" Event
@CloudExpo | @ThingsExpo 2017 Silicon Valley
@CloudExpo | @ThingsExpo 2018 New York
Full Conference Registration Gold Pass and Exhibit Hall ▸ Here
Register For @CloudExpo ▸ Here via EventBrite
Register For @ThingsExpo ▸ Here via EventBrite
Register For @DevOpsSummit ▸ Here via EventBrite
Sponsors of Cloud Expo | @ThingsExpo will benefit from unmatched branding, profile building and lead generation opportunities through:
For more information on sponsorship, exhibit, and keynote opportunities, contact Carmen Gonzalez (@GonzalezCarmen) today by email at events (at) sys-con.com, or by phone 201 802-3021.
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-4, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Delegates to Cloud Expo | @ThingsExpo will be able to attend 8 simultaneous, information-packed education tracks.
There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content.
Join Cloud Expo | @ThingsExpo conference chair Roger Strukhoff (@IoT2040), October 31 - November 2, 2017, Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, for three days of intense Enterprise Cloud and 'Digital Transformation' discussion and focus, including Big Data's indispensable role in IoT, Smart Grids and (IIoT) Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) Digital Transformation in Vertical Markets.
Financial Technology - or FinTech - Is Now Part of the @CloudExpo Program!
Accordingly, attendees at the upcoming 21st Cloud Expo | @ThingsExpo October 31 - November 2, 2017, Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, will find fresh new content in a new track called FinTech, which will incorporate machine learning, artificial intelligence, deep learning, and blockchain into one track.
Financial enterprises in New York City, London, Singapore, and other world financial capitals are embracing a new generation of smart, automated FinTech that eliminates many cumbersome, slow, and expensive intermediate processes from their businesses.
FinTech brings efficiency as well as the ability to deliver new services and a much improved customer experience throughout the global financial services industry. FinTech is a natural fit with cloud computing, as new services are quickly developed, deployed, and scaled on public, private, and hybrid clouds.
More than US$20 billion in venture capital is being invested in FinTech this year. @CloudExpo is pleased to bring you the latest FinTech developments as an integral part of our program, starting at the 21st International Cloud Expo October 31 - November 2, 2017 in Silicon Valley, and June 12-14, 2018, in New York City.
The upcoming 21st International @CloudExpo | @ThingsExpo, October 31 - November 2, 2017, Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY announces that its Call For Papers for speaking opportunities is open.
Submit your speaking proposal today! ▸ Here
About SYS-CON Media & Events
Cloud Expo®, Big Data Expo® and @ThingsExpo® are registered trademarks of Cloud Expo, Inc., a SYS-CON Events company.
Reader Feedback: Page 1 of 1
Latest AJAXWorld RIA Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week