Druva Inc., today shared its predictions highlighting how organizations are likely to evolve their data resiliency and protection techniques to combat the evolving ransomware threat of tomorrow. Next year will see a dramatic increase in both the volume and complexity of ransomware attacks with cyber criminals increasingly trying to avoid detection as they seek to gain control, encrypt and exfiltrate critical data from business environments including edge devices, SaaS application such as Salesforce, Microsoft 365, virtual machines and cloud native applications.
Ransomware is one of the most popular methods used by hackers and malicious actors, and according to Sophos, the total cost of recovery from a ransomware attack has doubled in the last year to more than $1.85 million¹. Its lucrative nature has incentivized bad actors to expand the scope of their attacks, including the introduction of new variants designed specifically to encrypt or delete backup data, destroying organizations’ last line of defense and further incentivizing payment.
Today, cyber criminals are able to attack virtually any organization because ransomware has gone mainstream by becoming “as-a-service.” These attacks target users to penetrate security and once inside, silently spread through the environment. Considering this ongoing threat from ransomware, Druva’s industry experts expect the following technologies will be critical to helping businesses enhance resilience, respond to ransomware and recover with confidence.
- AI and intelligent automation will help fight back against ransomware
AI and intelligent automation will play a crucial role in the fight against ransomware in 2022. It is not the need for new AI/ML developments, but the need for data protection and resiliency solutions to collect, process, and analyze end-to-end metadata at scale using AI/ML at each step. Readiness, remediation, and recovery will empower the fight against ransomware.
- Businesses will have to strengthen data resilience to combat ever-evolving ransomware
In a multi-cloud environment, it is nearly impossible to defend the perimeter, so customers will invest more to protect what the attackers are trying to access – their data. Customers will explore technologies such as:
- Data resiliency to ensure that data will be automatically protected and recoverable, regardless of the attack
- Data classification to identify the type and location of data throughout the organization, so they can minimize the risk to their most sensitive data
- Data access governance to manage who and what can access data
- Data access analysis to monitor the patterns of who or what is accessing data
- Organizations will focus on securing and protecting the edge
With the advent of the “Work from Home” trend, employees are now working on laptops and are constantly connecting to unsecured networks which leads to several entry points that can potentially be exploited by cyber criminals. In 2022, companies must think about security and data protection to the edge, securing and backing up all these devices, as they currently contain some of the organization’s most valuable data.
- Emerging ransomware strains like Conti to be combated with the cloud and data-protection-as-a-service (DPaaS)
Ransomware gangs like Conti often cause customers hardship with ransomware attacks and not delivering on their promise of providing unencrypted data in return for the ransom paid. Organizations will need to plan for such ransomware scenarios in 2022, emphasizing secure cloud-based data-protection-as-a-service (DPaaS) backup systems that provide the required level of backup protection and isolation from threat actors. Thereby, organizations will look at increasing their emphasis on ransomware-specific disaster recovery scenarios and have playbooks and do testing to plan/ respond to such scenarios.
Additionally, such services will provide capabilities to extensively integrate into security operations workflows and tools. Security teams will be required to monitor the security posture of the backup environment and integrate backup into their security operations workflows. IT (backup) and security will need to collaborate to address this problem.