The SolarWinds breach has forced businesses worldwide to reconsider their approach to data protection and overall security. While not a ransomware attack, the event highlighted the level of potential devastation had the SolarWinds’ hackers chosen to encrypt the data and hold it for ransom.
These security holes exposed in the SolarWinds breach heighten the threat of ransomware in a year already recovering from a massive spike in attacks. A recentfound the number of ransomware attacks grew by more than 150% in 2020, as cybercriminals took advantage of work-from-home vulnerabilities. In fact, many organizations are now looking to increase security with a new data protection method because they are assuming they will be breached at some point. This means companies are taking a much more holistic approach to security, rather than relying solely on perimeter security alone, and protecting data at the storage level.
The Impact of SolarWinds
As businesses worldwide were forced to digitally transform to stay afloat amid the COVID-19 pandemic, they in turn became more susceptible to security threats as operations shifted to accommodate remote work and removed in-person customer interactions. Because enterprises are modernizing their security strategies to adjust to this new normal, the information security sector is now estimated to be amarket this year and is projected to surpass by 2023.
As the SolarWinds attack targeted 100 private sector companies and nine federal agencies, enterprises are facing the harsh realization that even advanced security measures may not be enough to protect data from accelerating threats.
Assume a Breach Will Occur
Start by assuming that a security breach will ultimately occur. Perimeter security measures will inevitably fall short against increasingly sophisticated attacks. Perimeter security can be thought of as a fence around a house. While the house appears protected from the outside, intruders can climb over or under the fence, making the protection useless against advanced trespassers. Once they’ve gotten past the fence, organizations are often left vulnerable and without defense — hence, the extreme increase in cyberattacks year over year.
Once a breach has happened, assume that hackers will attempt to encrypt data. Backup copies are often the primary target, so enterprises need to ensure they have copy of data that is invulnerable to such encryption so they can restore it when attacked. The easiest way to do this is to keep a backup data copy on immutable storage: once written, the backup cannot be changed or deleted for a specific period. This prevents malware from being able to encrypt the data. If an attack occurs, organizations can restore an unencrypted copy of the data via a simple recovery process.
Hackers may also download confidential information and threaten to release it to the public. To protect themselves, organizations should encrypt both data at rest and data in flight.
The Future Mindset and Its Impact on Data
In today’s threat landscape, it is no longer a question of if enterprises will be breached but rather a question of when. By recognizing this, organizations can take actions to better protect their valuable data against sophisticated attackers. While perimeter security is essential, it is no longer enough to combat rising advanced threats. An effective security strategy requires a holistic approach, including deploying immutable storage and encrypting data at all stages to ensure data remains protected.
Gary Ogasawara is’s Chief Technology Officer, responsible for setting the company’s long-term technology vision and direction. Before assuming this role, he was Cloudian’s founding engineering leader. Prior to Cloudian, Gary led the Engineering team at eCentives, a search engine company. He also led the development of real-time commerce and advertising systems at Inktomi, an Internet infrastructure company. Gary holds a Ph.D. in Computer Science from the University of California at Berkeley, specializing in uncertainty reasoning and machine learning.