In this week's episode, Chris talks to Tony Mendoza from Spectra Logic about their recent ransomware attack and recovery.


The post #219 – Anatomy of a Ransomware Attack appeared first on Storage Unpacked.

This week Chris chats to Tony Mendoza, Senior Director of IT at Spectra Logic. The conversation covers the ransomware attack experienced by Spectra in May 2020 and the subsequent response to deal with the problem. On 7th May 2020, the company detected that a ransomware exploit was encrypting files across application servers. In their place was a plain text file, demanding money for the decryption key and software. Fortunately, as a storage company, Spectra has a robust and well-documented backup and recovery strategy that helped mitigate problems caused by the attack.

However, disaster recovery and ransomware recovery plans are somewhat different. As Tony explains, restoring data is one aspect of recovery, but getting back to normal operations means rebuilding trust and credentials management systems like Active Directory. The ongoing issue of ransomware is one that will evolve, requiring businesses to keep on top of the challenges and continually review ransomware recovery plans.

Tony highlights some good advice in this recording. Use multiple data protection methods; create an air gap (physical or logical) between backups and data. Immutable snapshots are a good example of this. Above all, expect a breach and have a plan in place to recover when the problem occurs.

To learn more about the ransomware attack, follow the link to the Spectra Logic website for access to a white paper and follow-up video. This link – https://spectralogic.com/attack-hardened/ – discusses the attack-hardened approach Tony mentions in our recording.

Elapsed Time: 00:30:28

Timeline

00:00:00 – Intros
00:01:27 – What happened in Spectra Logic’s ransomware attack?
00:02:00 – COVID was an opportunity for more attacks
00:03:58 – Hackers left behind ransomware text files
00:05:50 – How did Tony protect non-infected systems?
00:06:38 – Spectra had insurance which offered support (and the FBI)
00:08:00 – Having a BC/DR plan helps understand the challenges of ransomware
00:09:41 – What options do businesses have, following an attack?
00:11:30 – Spectra had a robust data recovery system and all the data
00:12:16 – Attacks could result in data and credentials egress
00:15:27 – How is the recovery point determined?
00:18:30 – Ransomware will become more advanced, requiring new thinking
00:20:16 – Recovery isn’t instant and requires thinking about data flows
00:23:00 – Spectra has been brave to admit to a ransomware breach
00:24:30 – Do we need ransomware certification?
00:27:27 – Companies must take ransomware seriously
00:28:40 – Wrap Up

Related Podcasts & Blogs

Calculate Your Ransomware Score with HYCU
As Ransomware Attacks Increase in Sophistication, We Need to Appreciate System Administration
Ransomware is a Darwinian Problem That Will Never Be Solved
Spectra Logic introduces Vail, with greater company focus on data management
#88 – Nigel Tozer returns to talk about Ransomware

Copyright (c) 2016-2021 Storage Unpacked. No reproduction or re-use without permission. Podcast episode #kfkx.

