Ransomware attacks
The proliferation of unstructured data has created a massive data management and security problem for enterprises. As ...
The proliferation of unstructured data has created a massive data management and security problem for enterprises. As much of 80% of all data will be unstructured by 2025, according to an IDC report IBM cited in a recent article.
Enterprises can use unstructured data to gain deeper insights into customer behavior, improve processes and even predict system failures through machine learning and artificial intelligence. Unfortunately, cybercriminals can also take advantage of this data to expose trade secrets, publish sensitive customer information, or extort ransoms in exchange for encryption keys allowing companies to restore critical business operations.
As the line between home and work becomes increasingly blurred, employees are storing work documents on personal devices or uploading files to cloud apps on company devices, creating weak links in enterprise data security.
Recent ransomware attacks highlight the costly impact of these breaches.
How unstructured data is used in ransomware attacks
Cybercriminals target the weakest links in industries that have the most to lose in a ransomware attack — such as financial services companies with sensitive data, government agencies that support critical public services, healthcare organizations and law firms.
They may target individual devices with phishing attacks, as we’ve seen more often since the start of the pandemic.
Others like LockBit and Maze operate ransomware-as-a-service schemes, paying affiliate hackers to find and expose vulnerable unstructured data.
The costs of ransomware attacks
The payouts from these ransomware attacks can be millions of dollars, as we’ve seen in several high-profile cases like United Healthcare Services, CWT Global and Colonial Pipeline. The average ransom demand was over $338,000 in the second quarter of 2020, according to cyber insurance firm Coalition, more than triple the average demand the previous year.
And the cost of lost business, lawsuits stemming from HIPAA violations, and reputational damage goes far beyond that.
The ransomware attack on United Healthcare Services shut down the entire company for three weeks, resulting in $67 million in lost revenue and recovery costs.
The Colonial Pipeline ransomware attack resulted in a full shutdown of the gas pipeline system for the first time in the company’s 57-year history, resulting in a shortage and surging fuel prices.
The attackers gained access to a virtual private network through an employee password believed to have been leaked in a previous attack.
The flaws with traditional enterprise data security solutions
Many organizations use a combination of enterprise data security solutions to protect against ransomware attacks, including network access controls, multi-factor authentication, monitoring, data backup, redundancy and data encryption.
However, these solutions still leave gaps.
Companies often implement a single solution at a time to address a specific use case.
The IT team may be responsible for implementing firewalls and managing data backup. The security team introduces new data access controls in response to a data breach or new compliance regulations.
This can result in inconsistent application across departments and storage environments and a lack of overall visibility.
As companies add new storage environments, it becomes more difficult to apply the same enterprise data security protections to them all.
Applying encryption and backup to data on a desktop is different from deploying these same tactics in Azure or AWS.
Securing data in the cloud introduces new vulnerabilities, such as IAM policy misconfigurations that can inadvertently expose sensitive data.
These disparate solutions aren’t always designed to work together, requiring custom integrations or time-consuming workarounds.
And they can create limitations as your company grows, locking you into expensive contracts with a single vendor when you need to spin up new cloud environments quickly.
The most glaring shortfall of traditional enterprise security solutions is often only evident after a ransomware attack, when businesses attempt to restore their encrypted data. They need to be able to access backup data immediately while at the same time ensuring no single point of failure allows a malicious actor to do so.
A better way to manage enterprise data security
To protect both structured and unstructured data from ransomware attacks, today’s enterprises need more than traditional perimeter security solutions. Matching a perimeter security layer with a data security layer protects against data loss while enabling complete data recovery in the event of a cyberattack.
Myota’s Converged Data Protection Platform transforms unstructured data into immutable files capable of withstanding attacks. It combines Zero Trust access controls, data encryption, sharding and dispersion into a single solution security and IT teams can implement in minutes.
To learn more about the challenges with traditional approaches to protecting unstructured data and how to overcome them, join us for our upcoming webinar, The Next Generation of Information Protection In Your Cloud Environment.