ransomware protection

Greater IT security with Commvault

Discover a better way to improve data protection, eliminate IT security blind spots, and recover your data from cyber threats, including ransomware.

IT security basics

With new strains of malware threats, including ransomware, on the rise, your enterprise and customer data is continually at risk despite the steps you’ve taken. Organizations protect and recover from security threats, including data breaches and ransomware while controlling access to key data.

68%

of organizations have experienced downtime due to security incidents.1

70%

of ransomware attacks involved the threat to leak exfiltrated data.2

148%

increase in ransomware attacks from the baseline levels reported in February 2020.3

Common types of cyber threats

How often do cyberattacks happen?

All of the time. Ransomware is the front page, global news. Everyone is talking about it, from Wall Street to Main Street. It is a hot topic in the boardroom as the board of directors reviews ransomware preparation and recovery plans. And it will continue to dominate headlines—and for good reason. In 2020, ransomware increased by 435 percent over the previous year.7 In 2021, researchers estimate that a business will fall victim to a ransomware attack every 11 seconds.8  Unfortunately, a ransomware attack is a matter of when, not if.  

“Data security is a top priority for our customers. Commvault enables us to enhance cybersecurity, improve our recovery readiness and meet compliance requirements.”

-Jitender Durairajan, head of cloud engineering and solutions, Sify Technologies Ltd.

How do cyber threats spread?

Cyber threats are often spread through email phishing messages that contain malicious links or through drive-by downloading. Drive-by downloading happens when a user unintentionally visits a contaminated site, and malicious software (malware) is downloaded onto the user’s computer or mobile device. A drive-by download usually exploits a browser, application, or out-of-date operating system or has a security flaw. Malware then uses these vulnerabilities to spread to other systems.

How to minimize cyber threat exposure?

The goal is to reduce risks and minimize the effects of a cyber threat. Cyber threat mitigation requires a combination of best practices and constant vigilance, along with a layered approach. Steps to reduce cyber threats, including ransomware, include:

What is cybersecurity data protection?

The cyber threat landscape, including ransomware, has transitioned to a case of “when” not “if.” To ensure you can recover your data, you need the right solution with the best technology, the right people, and processes.

Organizations require tools (such as anomaly detection, immutable backups, air gap, zero-trust, and data isolation support) to protect and measure their recovery readiness state continually. They do this to expose and remediate problems, validate the recoverability of their data and business applications, and improve their security to reduce their risk profile. In the event of a successful cyberattack, such as ransomware, fast restores are required to resume business operations quickly.

How to recover data from a cyberattack?

When a cyberattack occurs, and your data is exfiltrated or encrypted, you need to have a validated copy of your backup data that can be quickly restored to resume business operations. For a trusted and protected backup data copy, organizations need a layered approach encompassing multiple security tools, resources, controls, best practices, and strategies. These various layers of security controls are necessary to help ensure the backup data is secured and recoverable. These steps provide the confidence that when an attack does occur, your backup data is ready.

IT Security Market challenges

Cyberattacks continue to increase in volume and sophistication. Your data grows exponentially across on-premises, multi-cloud, and hybrid environments. As more technologies are added to meet new needs and demands, data is dispersed across multiple environments, including remote and distributed environments. Generations of data sprawl and fragmentation have broadened the attack surface, impeded automation and process efficiency, and left companies struggling to manage multiple protection and recovery tools across their environment. Your risk profile continues to be a significant challenge to control and all this amid constant evolving business requirements. 

Your IT security data protection and recovery solution needs to be able to restore your business from a wide variety of outages, including ransomware. The truth is ransomware isn’t new. It has been around in one form or another for decades. Like other technologies, malware and ransomware are evolving, with new threat variants coming out all the time. One reason for this is cybercriminals are sharing techniques and base code (off-the-shelf malware) with other criminals – which accelerates the time to market for new and more robust malware.

Commvault Complete™ Backup & Recovery has accelerated our recovery process to the point that we now measure our RTO in hours or even minutes, rather than days.”

– Ping Zhang | Director of Digital Development Center, Luzhou Laojiao Co., Ltd.

The Time for a Recovery Plan is Now

An ongoing attack is no time for improvisation or ad hoc measures. An effective plan is a foundation for a full and speedy resumption of normal operations. Like any disaster recovery plan, a plan’s essential elements are what, when, and who.

What – Identify and prioritize critical applications to focus on the systems and data you’ll need to recover first.

When – Define the Recovery Point Objectives (RPO), Recovery Time Objectives (RTO), and Service Level Agreements (SLAs) for your systems, data, and applications.

Who – Which players – internal staff and external vendors – will be involved in your data recovery efforts?

“Our RPO and RTO times have definitely decreased with the investment in the new [Commvault] solution.”

– Michele Buschman, Vice President Information Services, American Pacific Mortgage

A better way: Commvault’s approach

Security-conscious organizations trust Commvault for data protection and recovery to get their business back up and running quickly. Our multi-layered security approach to data protection and management ensures every organization can tailor its cybersecurity protection and recovery needs to its business requirements. The security framework follows the National Institute of Standards and Technology (NIST) Cybersecurity Framework standards and best practices and addresses these five areas:

Identify: assess and mitigate risks

Protect: lock and harden data from changes

Monitor: find anomalous threats

Respond: analyze data and perform orchestrated actions

Recover: restore clean data quickly

With Commvault, you’ll have a multi-layered security solution with robust cyber protection and recovery features to meet your business needs.

Paying the ransom is not a plan; put your money on recovery

Purchasing bitcoins or other cryptocurrencies and paying the ransom is not a viable solution. Even if you pay the ransom, 35% of the data remains encrypted.9 You still have to restore data to resume business operations fully. In addition, having data recovery is a necessity

  • Paying the ransom increases the likelihood of another attack, even by the same group
  • Governments are considering security regulations that would require organizations to provide proof of recoverability” and may prohibit ransomware payments
  • Cyber insurance companies are writing policies that exclude the ransomware payment

In any case, you need to hope for the best and plan to recover. 

Commvault readiness and recovery from ransomware

Commvault provides the most robust ransomware protection, detection, and recovery for the widest variety of workloads, whether virtual, physical, cloud or SaaS. Commvault simplifies and scales ransomware recovery within a single platform that features an intuitive administrative dashboard.

Most complete ransomware protection & broadest coverage.

Best visibility across your data to manage and identify risk.

Consistent repeatable processes and the most recovery options.

Learn more about Commvault Cyber Threat Protection and Recovery 

Commvault Customer: American Pacific Mortgage

Watch video

Sify partners with Commvault

Read case study

Luzhou Laojiao increases backup success rate

Get the story

Coverage for your entire environment

Your data is dispersed across a mixed environment from tape libraries to containers, physical to virtual to cloud, endpoints to the data center, and everything in between. While the environment is diverse and data dispersed, an enterprise requires a single, comprehensive solution that provides industry-leading coverage. 

Commvault has your ecosystem covered and protected. Commvault supports the broadest range of applications, databases, public cloud environments, OSs and hypervisors, NAS systems, and primary storage arrays. Learn more at Supported Technologies.

Comprehensive portfolio

Ransomware protection and recovery

You’ve seen the headlines – organizations with their data held hostage and payouts to perpetrators to restore it.

Recovery readiness: Getting back to business

Read now

Introduction to Commvault’s ransomware defense

Watch now

The multi-layered
approach to data
protection and recovery

Learn more

References

1 McAfee, The Hidden Costs of Cybercrime, by Zhanna Malekos Smith, Eugenia Lostri, and James A. Lewis, Project Director, December 2020.

2 Coveware, Ransomware Payments Fall as Fewer Companies Pay Data Exfiltration Extortion Demands, February 1, 2021

3 VMware, Threat Research: Amid COVID-19, Global Orgs See a 148% Spike in Ransomware Attacks; Finance Industry Heavily Targeted, April 15, 2020.

4 Mass.gov, Know the types of cyber threats, 2021.

5 IT Governance Ltd, Types of cyber threat in 2021, 2021

6 Kasperksy, What is a Zero-day Attack? – Definition and Explanation.

7 Deep Instinct, 2020 Cyber Threat Landscape Report, 2020.

8 CyberCrime Magazine, Global Ransomware Damage Costs Predicted to Reach $20 (USD) by 2021, Steve Morgan, October 21, 2019.

9 SOPHOS, The State of Ransomware 2021, April 2021