Cybercriminals have been busy exploiting global crises. Often in the form of phishing emails or other malware, these attacks prey on people’s need for information and have already started targeting large organizations, including hospitals and government agencies. For your organization, this means that hackers can easily attempt to take advantage of your employees who are eager for more news, leaving you vulnerable to ransomware. When combined with the growing sophistication of ransomware, the importance of cyber resiliency is more important now than ever. 

Combat Ransomware with Rubrik

Backups are often your last line of defense against ransomware and should be a reliable recovery strategy following an attack. In fact, advanced ransomware attacks target backup files—and the probability of a ransom payout increases when your last line of defense is compromised. 

Recovery is typically complex and time-consuming for organizations relying on legacy backup solutions; identifying the scope of the attack, locating the most recent clean data, and restoring quickly can be a significant investment for any organization. And with today’s ransomware strains, backups themselves are often encrypted or deleted from an attack.  


Customers across industries leverage Rubrik as part of their ransomware remediation strategy to ensure minimal data loss and business impact in the event of an attack. Here’s how we take a unique and comprehensive approach to help you ensure cyber resiliency:

Native Immutability to Safeguard Backups

How can you guarantee your backups are not compromised by ransomware? By ensuring all your data and applications are stored in an immutable format once ingested. Rubrik provides instant recovery from immutable backups, meaning that ransomware is never able to access and encrypt your backups. Data managed by Rubrik is never available in a read/write format, so it can never be read, modified, or deleted by an external malicious actor.

How it works: Rubrik combines an immutable filesystem with a zero-trust cluster design in which operations can only be performed through authenticated APIs. This means that once data is written, it cannot be read, modified, or deleted. Other data management systems tend to use general-purpose storage that leverages standard protocols such as NFS and SMB. This can leave your backup storage system vulnerable to ransomware.

Fast Recoveries to Minimize Downtime

The biggest pain for most ransomware victims is recovery. Rubrik streamlines the process of identifying and restoring to the most recent clean version of your data. With our Live Mount functionality, execute instant, file-level recoveries without any rehydration required. In addition, plug into automation frameworks such as ServiceNow Incident Response with Rubrik RESTful APIs to further increase operational efficiency.

How it works: Rubrik’s Live Mount delivers near-zero RTOs to accelerate data access for instant recovery. Users can browse and recover files, objects, and tables from VMs as well as physical SQL Server and Oracle databases. Rubrik’s Cloud-Scale File System has built-in zero-byte cloning capabilities that minimize storage consumption while allowing any number of mounts to be created.

Granular Visibility to Reduce Data Loss

Minimizing data loss from a ransomware attack requires IT teams to be able to quickly identify the impacted applications and files–a process that can be incredibly time-consuming with legacy technology. Rubrik enables you to quickly identify which applications and files were impacted through intuitive data visualizations and roll back with file-level granularity. This minimizes the risk of data loss associated with mass restores that include uncompromised data.

How it works: Once you have detected an attack, our SaaS application Rubrik Polaris Radar compares the post-attack snapshot with the snapshot immediately before to see what was added, deleted, or modified. Rubrik exposes the analysis in the management console, so you can see exactly the scope of the damage, what you need to recover, and where encrypted files are located with file-level granularity. Rubrik can also apply machine learning on application metadata to alert you of unusual activity.

Paying ransom should not be an organization’s only option following a ransomware attack, especially when those cybercriminals are taking advantage of a crisis like the COVID-19 pandemic. We believe that having an effective defense against ransomware during times like these enables customers to focus on higher-priority duties–both professional and personal. 

Download our free toolkit to learn how you can start building your ransomware remediation plan with Rubrik.