As Conti Ransomware Rises, Targeting Backups, MSSPs Must Stay Alert
We highlight some new reports and a couple new backup-focused platforms.
![ransomware ransomware](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt3c6e0f1e64b0e0ec/65244383be6982fd056d0c48/17-Ransomware.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Veritas Technologies recently released its report, “The Vulnerability Lag.” The company surveyed more than 2,000 global IT leaders and found that most are “severely vulnerable” to ransomware attacks. That’s because they’ve had a hard time keeping pace with pandemic-led digital transformation.
To that end, in the past 12 months, the average organization suffered nearly three ransomware attacks that led to downtime. Ten percent were hit with ransomware more than five times. Cloud presents one of the most vulnerable technologies.
“The cost of ransomware attacks is expected to exceed $20 billion this year,” Mike Walkey, channel and alliances chief at Veritas, told Channel Futures. “It’s a ubiquitous threat. Every company is under threat of attack.”
Troy Gill, manager of research at security vendor Zix, agreed.
“Companies cannot wait for potential threats to emerge but must proactively identify security incidents that may go undetected by automated security tools,” Gill said. “As we enter into the back half of the year, we will continue to see phishing, business email compromise, and ransomware attackers become more sophisticated and bad actors asking for higher bounties to release data they have compromised.”
Zix recently published its 2021 Mid-Year Global Threat Report.
Partly with ransomware in mind, Clumio has released Clumio Protect for Amazon S3. It’s the first Amazon S3 backup as a service platform — which is interesting because Amazon S3 has been an industry staple for around 15 years. So why has Clumio, which develops cloud-based data protection platforms, targeted the storage service now?
“S3 was seen very often as a cheap dumping ground for data,” Chadd Kenney, vice president of product at Clumio, told Channel Futures. Now, though, S3 is “more microservices, container-based apps and next-generation apps,” he said. “So it’s more critical.”
Protecting the data stored in Amazon S3 accounts is critical. While Clumio Protect comes with a number of backup capabilities, for MSSPs, MSPs and VARs, one of the main ones comes down to cybersecurity.
To that point, Clumio Protect stores air-gapped S3 backups outside of the customer’s AWS account. Those backups provide immutable storage with data-at-rest and in-flight encryption, Clumio said. MSSPs (or their clients) may bring their own keys. There’s also multifactor authentication with SSO integration, and access controls for assets and roles. In addition, Clumio Protect comes without a delete button. That way, employees can’t accidentally erase data and hackers can’t get access to get rid of information.
Clumio Protect will start its early-access program at the end of October. General availability will come in December. Look for Clumio Protect on Microsoft Azure, too, although Clumio has not committed to a date.
“It’s probably not too far out,” Kenney said.
StorOne has teamed with Seagate to release a bundled solution that maximizes data protection.
Here’s how it works: StorOne writes all data to persistent media. Then, StorOne’s vRAID provides drive redundancies and hard disk drive rebuilds. From there, the platform includes includes S1:Snap.That’s StoreOne’s snapshot feature that can help protect against a ransomware attack.
S1:Snap can take a snapshot every minute and retain that image (for decades, StorOne says) without affecting performance. S1:Snap provides the ultimate protection against a ransomware attack. Finally, S1:Replicate provides synchronous and asynchronous data replication within the data center and off-site to a remote location, an MSP or the public cloud.
StorOne has teamed with Seagate to release a bundled solution that maximizes data protection.
Here’s how it works: StorOne writes all data to persistent media. Then, StorOne’s vRAID provides drive redundancies and hard disk drive rebuilds. From there, the platform includes includes S1:Snap.That’s StoreOne’s snapshot feature that can help protect against a ransomware attack.
S1:Snap can take a snapshot every minute and retain that image (for decades, StorOne says) without affecting performance. S1:Snap provides the ultimate protection against a ransomware attack. Finally, S1:Replicate provides synchronous and asynchronous data replication within the data center and off-site to a remote location, an MSP or the public cloud.
Cyber criminals are targeting data backups and managed security service providers need to remain alert. On Wednesday, Advanced Intelligence, a cyber-risk prevention firm, published a report showing that the Conti ransomware gang has its eye on backups.
Conti is considered a ransomware-as-a-service (RaaS) variant; however, there is a variation in its structure that makes it different. It’s likely that Conti developers pay their deployers a wage rather than a percentage of the proceeds used by affiliate cyber actors. In addition, they get a share of the proceeds from a successful attack. The group has gotten especially adept at targeting Veeam platforms, the report says.
When it comes to Advanced Intelligence’s findings, by the way, Veeam disagrees.
Veeam’s Rick Vanover
“The [advice] is too limited in its specifics and does not align to the advice Veeam provides customers and partners,” Rick Vanover, senior director of product strategy at Veeam, told Channel Futures. “There are more options than ever to keep backup data safe with Veeam (including air-gaps, offline backups and immutable options) which are not addressed.”
Overall, Palo Alto Networks says, “Conti ransomware stands out as one of the most ruthless of the dozens of ransomware gangs that we follow.”
As all types of ransomware present ever bigger problems for enterprises and their channel partners, the slideshow above looks at some new reports on the topic, and a couple new backup products built to help users avoid breaches.
Read more about:
MSPsAbout the Author(s)
You May Also Like