2023: the year ransomware is no longer an IF but a WHEN

By Russ Kennedy, Chief Product Officer at Nasuni.

  • 1 year ago Posted in

With Data Privacy Day (28 January) behind us again, there’s one word on everybody’s lips this year: ransomware.

 

Survey after survey shows that the vast majority of organisations faced a ransomware attack in 2021, and during the first half of 2022, there were more ransomware attacks than in all of 2019. A significant percentage of those attacks were successful and the rate of attack clearly continues to grow. If a business hasn’t been hit yet, it will be in 2023. 

 

As such, the ability to protect data and rapidly recover from an attack will become a huge competitive differentiator. Rapid recovery will make the difference between a business being down for days or weeks, which will be spent decrypting data after paying a ransom and getting back to normal operations.

 

With 2023 removing the ‘if’ from ransomware attacks, here are some trends for the year ahead, as businesses look to secure and protect their data and strengthen their processes for when a cyberattack arrives.

 

A new standard for storing backups

When it comes to ransomware, backup is typically the last line of defence and cybercriminals know this well. Modern ransomware attacks make finding and digitally shredding backup files a top priority. The best defence is to have ‘air-gapped’ backups stored on media that are totally disconnected from the network, however, the trade-off is very slow recovery – so slow, in fact, that it would often be faster and less expensive to pay the ransom. 

 

In 2023, it will become best practice to protect file data by storing it as read-only, immutable objects in the cloud, which provides a virtual ‘air-gap’ while enabling extremely rapid recovery.

 

Unifying file data to protect business continuity

Businesses are facing more disruption than ever before. Oil prices are unstable, while winter power outages threaten to follow the unprecedented summer heat waves that put data at risk as data centres’ faltered under pressure.

 

This disruption is more than unwelcome as ransomware attackers wait ready to pounce at the first sight of unsecured data. As such, businesses are rapidly working to digitally transform in 2023 to ensure that they have the ability to respond to constantly changing conditions. A big part of that transformation is to protect data from ransomware in cloud-native file systems, which also provide enormous flexibility, ubiquitous access and built-in data protection — all at a lower total cost of ownership.

 

While the ability to protect and recover from attacks are two main priorities for businesses, detection technologies will also be on the radar in 2023 - particularly those that can automate ransomware detection. Businesses are working towards cyber-ready infrastructure to give them the most visibility of threats to their business, and their best chance to fight back. 

 

Paying a ransom is off the table 

While today’s companies are not intimidated or surprised by attacks, paying the ransom no longer guarantees recovery. Colonial Pipeline, a large oil pipeline in the US, failed to regain control despite paying a $4.4 million ransom in 2022, a tactic we will likely see replicated in 2023. 

 

In addition, a ransom demand is only the start of multiple impacts for a business afflicted by a ransomware attack – downtime and disruption to orders after entire file systems are found to be encrypted, future network repair costs and the need to restore the corrupted files as part of recovery phases lasting weeks and even months. In many cases, the overall costs of such a cyber-attack, in particular, the impact on productivity for the organisation often dwarfs the initial ransom demand - even where the demand is in the millions of pounds.   

 

Paying a ransom is, therefore, off the table for 2023. Instead, companies will turn to their new cloud-native file storage platforms to enable rapid recovery from cyber-attacks and minimise data loss. These products support a significant number of recovery points and ‘roll back’ to the exact time prior to a ransomware incident, allowing administrators to quickly restore files locally, typically in less than an hour.

 

Cyber resiliency is key for 2023

With the threat of cyber-attacks continuing into 2023, unfortunately, data protection will continue to keep IT managers up at night. This is the year when there are no ‘ifs’ or ‘buts’ when it comes to ransomware, instead, an inevitability that attackers will arrive at every business’s (digital) doorstep.

 

Henceforth, in the wake of this year's Data Privacy Day, organisations will be looking to strengthen their cyber resilience. Outdated traditional backups will be replaced by a modern approach of storing data as read-only, immutable objects in the cloud. The lengthy recovery process will be no more, as will paying a ransom, as when an attack hits, businesses will dial back their data to seconds before the event and get on with their day.

 

Armed with cloud-native file data platforms, organisations will be ready to weather the storm of disruption, whether that’s because it’s too hot or too cold. So, while 2023 is the year of ransomware, it’s the year of fighting it, not losing the battle.

 

By Richard Connolly, Regional Director for UKI at Infinidat.
By Auke Huistra, Industrial & OT Cyber Security Director, DNV Cyber.
By Richard Montbeyre, Chief Privacy Officer, BMC Software.
By Danny Kadyshevitch, Senior Product Lead, Detection and Response, Transmit Security.
By Andy Mills, VP of EMEA for Cequence Security.
By Muhammad Yahaya Patel, Security Engineer at Check Point Software.
By David Higgins, Senior Director, Field Technology Office at CyberArk.
By Scott Walker, CSIRT Manager, Orange Cyberdefense.