Tagged in

ransomware

General Tech

Exploring Passive Survivability: Bracing for a Security Attack

Security attacks continue to be on the rise as threats like ransomware grow more mature and complex. Although preventing ransomware attacks may seem near impossible, there are tools and infrastructure best practices that make recovering from a cyberattack less painful. In a recent article with Infosecurity Magazine, Robert Rhame, Director of EMEA Product Marketing at Rubrik, explores the passive survivability model and how this framework can enable your team to bounce back from a successful attack. Let’s take a quick look at this model and how, according to Rhame, it can prepare your team.

A version of the below excerpted article originally appeared in Infosecurity Magazine.

Design Your Infrastructure Like a Ship

When it comes to preparing for a threat that you can’t stop, your infrastructure must be designed in such a way that an attack, although damaging to your business, does not cause all of your operations to sink. Like a modern battleship, your infrastructure should be created with an inherent resiliency built into it. This resiliency is different than traditional network segmentation and should be thought of as failure compartmentalization. The prevalence of the cloud, mobile, SaaS, and IoT devices means that organizations must no longer be focused…

General Tech

The Day the Data Center Stood Still: A Tabletop DR Workshop

When it comes to being ready for the real thing, regular DR testing is crucial to preparing a team for all the moving parts involved when some random day goes really wrong. The trouble is, it’s not always possible to scrape together the time and resources needed to test as often as you should. In many organizations, the first time a crisis team gets together is for the big one.

This blog series shows how you can use tabletop workshops to do some hypothetical training and strengthen your disaster recovery and response strategy. In my first post, I discussed the importance and preparation of a tabletop exercise. This post will help walk through the setup and execution of the exercise. Let’s get started!

Tips for Running Your Tabletop Workshop

Each workshop has one facilitator to guide the exercise and 5-10 participants in the core and extended crisis team to roleplay the scenario. Note that participants will not necessarily be playing their actual role at the company, but working collectively as a group to address the disaster.

Group Discussions

One of the main goals of a tabletop workshop is to encourage group discussions that identify holes in your current DR strategy…

General Tech

How to Throw a Disaster Recovery Tabletop Workshop

Ransomware and destructive malware. You either groan with media fatigue or cringe at the thought of getting blown off the map by bitcoin bandits…perhaps both. For many organizations, creating a multi-leveled disaster recovery plan to accommodate this potential threat is now a top priority. The problem is, many organizations create a DR plan but don’t test each year. It’s easy to procrastinate DR testing, as it’s a costly activity in terms of both hours and infrastructure. But failure to test in a complete and realistic scenario can leave an organization woefully unprepared for some of the ancillary activities like communication and ownership of action. Essentially, the first time the crisis team meets should never be during a crisis. Simulating an attack around a table with a few colleagues doesn’t replace live testing, but it does uncover things you may not otherwise think of. This blog series will help walk through the setup and execution of a tabletop exercise for testing your DR plan. In true RPG style, this post will show how to simulate an unfolding disaster and apply your DR strategy in response. The advantage of running a tabletop exercise is its lightweight impact in terms of time and…

Architecture

Kick Ransomware in the Teeth with Polaris Radar

There’s a strong chance that you, a colleague, or a peer at another company has been hit by a ransomware attack. This means that someone penetrated your perimeter defense, likely through human phishing methods or insecure external access (such as RDP), and has landed malicious code within a permissive zone of your production environment. The outcome of these attacks comes in the form of encrypted content (files, folders, operating systems, etc.) that require cryptocurrency payment(s) to make it accessible once more. This pain can hit especially hard when:

- Identifying where the malicious code exists to remove or neuter it.
- Scoping out the damage and either paying the “ransom” or restoring data from backup.
- Determining how to prevent the intrusion from repeating, if possible.

Fortunately, we at Rubrik understand this pain all too well. One of our earliest customers, Langs Building Supplies, had their production environment hit by a ransomware snag back in 2016. Their team acted quickly and used the immutable nature of Rubrik’s backups to recover the encrypted data without paying the ransom. Huzzah! Since then, we’ve taken the state of the art to a new frontier with the release of Radar, an application that lives on our Polaris…

Product

Introducing Rubrik Protection for Epic EHR

How confident are you in your Epic EHR data backups? Here at Rubrik, we understand that our healthcare customers rely on their electronic healthcare record (EHR) system for real-time access to patient health data. Any downtime of this mission-critical system would jeopardize the quality of patient care and risk non-compliance with HIPAA and other regulatory requirements.

Unfortunately, legacy backup solutions are increasingly stretched by the explosive growth of healthcare data and rising intensity of ransomware and malware attacks. Protecting large EHR systems is difficult, with slow backup and recovery performance potentially compromising patient data availability. Without proper security, backups of production data are equally vulnerable to ransomware attacks. And on top of these security risks, legacy backup systems are complex and require significant management time, often from dedicated specialists.

With Andes 5.0, Rubrik addresses these pain points by extending its policy-driven data protection to both physical and virtualized Epic EHR systems. Here are a few of the key differentiators that set Rubrik apart:

- High-performance backups. Rubrik Cloud Data Management (CDM) accelerates Epic backups with parallel ingestion and an incremental-forever approach, with no impact on the Epic production system.
- SLA policy-driven automation. Through a single policy engine, backup administrators create and…

Product

Polaris Radar: The Last Line of Defense

Ransomware is getting increasingly sophisticated, and attacks are getting harder and harder to avoid–even when strong security measures are in place. In fact, over 70% of organizations were infected by ransomware after it successfully bypassed their detection and prevention measures.* Ransomware rapidly mutates into new variants, making it extremely difficult to detect with traditional signature-based approaches. That’s why we built Radar, a Polaris app that increases resilience in the face of cyber attacks. Rubrik’s approach includes multiple layers of defense, such as anomaly detection, data analysis, and instant recovery.

Dealing with Ransomware

No one likes having their possessions held for ransom and being blackmailed into paying cash for something that is already theirs. Typically, a data center is infiltrated undetected via an endpoint device from a phishing attack that will begin to rapidly encrypt files based on various criteria. At this point, the victim can either pay the ransom or lose their data. There are three main reasons corporations choose not to pay ransoms:

- It encourages ransomware hackers to carry out more attacks.
- It shows that the organization is willing to pay, making them a higher priority target.
- Paying doesn’t always result in getting the decryption key.

Dealing…

Company

Introducing Radar: Faster Recovery from Ransomware

Ransomware is on the rise, and it’s only getting smarter. Recent research shows ransomware attacks grew more than 350% annually.* To defend against attacks, many companies typically focus on building a perimeter to prevent malware from ever entering their data center. However, as malware becomes increasingly sophisticated, it’s no longer a matter of if but when an organization will be hit by an attack. While building a perimeter is essential, preventing every threat, every time, across every surface area is a near-impossible task. In fact, 71% of organizations were hit by ransomware after it successfully bypassed their detection and prevention measures.**

Once an attack breaks through your defenses, bouncing back quickly is painful. For many IT professionals, this will bring to mind long nights spent trying to detect an attack, analyze the extent of the damage, and restore quickly from backup files. Resiliency should be stronger, and recovery should be faster. The most effective strategy for defending against ransomware is a defense in depth. This approach encompasses a holistic, multi-level ransomware response strategy that incorporates both prevention measures to keep threats out and strong resiliency to minimize downtime when an attack happens.

Meet Radar: Recover Faster. Stay Smarter.

We’ve been…

General Tech

The Beauty of Immutability

Imagine one or more of your systems is unavailable because of some malicious attack, whether a nasty virus, ransomware, or sabotage from a disgruntled employee. No worries, these things happen — you’ll recover from backup. Except you discover that your backups have been compromised in the same manner (this has happened). This is usually where the term air gap gets dropped. Someone will say, “you need a truly offline backup — tape! There’s no way ransomware can get into a tape backup!” While that’s true, how long does it take to recover from tape stored in a land somewhere far, far away? If a backup takes so long to restore that there’s major financial or business impact, does it actually exist?

Realistically, there are ways to protect your data stored by backup systems even without this gap. I recently wrote a blog post about immutable infrastructures, but compute infrastructures are not the only way that immutability matters in the data center. Immutable, by definition, means the state is set or inflexible once constructed. In other words, it cannot be changed. The goal is to build a more reliable automated compute infrastructure in order to enable stable continuous delivery. Data has become…

General Tech

Encrypting Your Data in the Cloud, Part 1: Why It Matters

Data Breaches Are Trending

While IT security in 2018 has been dominated with news about CPU vulnerabilities, we may very well look back on 2017 as the year of online data breaches and cloud data leaks. From stolen consumer data due to unpatched vulnerabilities to sensitive data leaks due to misconfigured cloud storage buckets, it seems that no one’s data was safe in 2017. For a number of reasons, this is a trend that is likely to continue in 2018 and beyond:

- The inexorable move from analog to digital means more and more of our data is being stored on computers and websites that are targets for hackers. For example, the Equifax breach impacted 145 million consumers who had personal information stolen.
- A greater percentage of company employees work remotely using a wide range of devices from desktops to smartphones. This expands the threat landscape and gives malicious actors more ways to compromise valuable data.
- The growth of the public cloud means that increasingly more data is being stored outside of company data centers in repositories that are accessible via public endpoints. This move to the cloud requires knowledge and skill sets that are still in short supply, leading to…