Ransomware remains the top global cybersecurity threat facing large and small businesses across practically every industry sector. The volume and nature of these attacks constantly evolve, and ransomware operators always seem to develop new and creative ways to inflict the maximum amount of damage to extract payment from their victims.
The growing ransomware threat presents unique challenges not just to security teams tasked with defending the network but also to the frontline IT workers who must quickly re-build their systems to minimize disruption to their business. This topical case study explores the many challenges that ransomware attacks present to IT teams. It showcases several examples from a diverse range of industries and how Scale Computing helps to prevent these attacks and mitigate their impact in the worst-case scenario.
Ransomware Targets Backup Systems: Attackers are increasingly using endpoints to enter primary environments in order to access and encrypt a victim’s backup systems before compromising their production environments.
Snapshots Alone Are Not Enough: Although snapshots are extremely useful for the local recovery of data from a number of operational disasters, a truly resilient backup strategy requires that snapshots be replicated onto another device, ideally to another geographical location.
Poor VM Backup Practices: According to one study, nearly half of the organizations protect less than half of their VMs with a recovery plan, and almost a quarter of them back up less than half of their virtual environment each day.
Growing Attack Surface: Conventional 3-2-1 architecture runs on a combination of network, server, and storage hardware components, meaning that ransomware operators have three times the number of potential surface vectors upon which to wage their attacks.
Scale Computing Platform
It's impossible for an organization to completely prevent a ransomware attack. But, organizations can mitigate the most negative effects of a ransomware attack by improving their storage and data recovery systems in advance.
Scale Computing Platform combines everything you need: virtualization, servers, storage, and backup/disaster recovery with powerful fleet management to deliver a single manageable solution at scale for distributed edge locations.
Clean, Reliable Backups: Scale Computing integrates with third-party backup vendors you already know and trust to deliver different levels of unique storage subsystems - there’s no need to install an agent on guest VMs in order to perform host-level backups.
Immutable Snapshots: Immutable snapshots can be used to recover entire VMs or individual files. By replicating these snapshots to remote SC//Platform systems, VMs can be recovered even after a complete site failure at the primary location. By their very definition, they are immutable to attacks.
Seamless VM Replication: All Scale Computing software systems include a free, built-in feature for system-to-system replication at the per-VM level. System-to-system replication is designed to run continuously and transmit changes to a secondary system as quickly as possible.
Smaller Footprint, Smaller Attack Surface: A properly architected HCI solution radically reduces the attack surface by doing things like eliminating storage protocols, and not simply virtualizing SANs. Storage protocol-based attacks simply won’t work with HCI infrastructure.
Customers worldwide who have had ransomware attacks have been back up in minutes without paying a penny! They did not have to wait days or weeks to recover and get their business back up. Choosing Scale Computing and the data protection options it natively provides ensures your cyber defenses are working smarter, not harder
Savings – It takes 50% fewer hours to manage the infrastructure at the Zillertal Gletscherbahn. As a result of the simplicity of SC//HyperCore and dramatically reduced management time, GiGaNet lowered the monthly managed services bill to the Zillertaler Gletscherbahn by 75%, a huge saving.
Lower initial acquisition cost - To upgrade to a new Hyper-V environment was costly and about 30% more expensive than the Scale Computing environment that was offered.
Updates – Updates were done after business hours. This was not only more costly, but it also took significantly longer and systems were not available during the upgrade process. Upgrading with SC//HyperCore is easy, and just as important, the clusters continued operations and users never experienced downtime during the upgrade process.
Security – This is important to the Zillertaler Gletscherbahn as well. It must keep downtime to a minimum and if something happens, recovering from a security breach is much faster and easier compared to their old environment.
Had we completed our Scale Computing deployment we would have been back in operation much sooner. Everything we had on Scale Computing backups and snapshots was ‘easy peasy’ to bring back online.— Director of Infrastructure & Operations, Major US Electronic Manufacturer
Use Case Capsules: Three Real-World Examples of How Scale Computing Helps Customers Prevent and Mitigate Ransomware Attacks
Customer Capsule #1: Major US Electronics Manufacturer
One Scale Computing customer has unfortunately experienced the agony of a ransomware attack firsthand. This customer is a publicly traded, multi-billion dollar contract manufacturer of electronics and design services, employing more than 10,000 workers across dozens of advanced manufacturing facilities around the world.
However, during their hyperconverged journey, a fast-spreading and debilitating ransomware attack hit this customer, encrypting critical data on thousands of machines and disrupting operations across all of their facilities worldwide. In response to this attack, our customer’s Director of Infrastructure was tasked with rebuilding their infrastructure as quickly as possible. As part of this effort, they reached out to multiple vendors requesting that additional storage and compute resources be supplied as quickly as possible. While the larger vendors said they could not deliver any hardware in less than 45 days, Scale Computing offered to help in any way possible and was able to meet their needs as they rebuilt their systems immediately following the attack.
As this customer tells it, “we had already deployed three Scale Computing stacks for the Proof of Concept, and those were my first sites to be backed up. Had we completed our Scale Computing deployment worldwide we would have been back in operation much sooner. Everything we had on Scale Computing backups and snapshots was quick and easy to bring back online.”
Customer Capsule #2: Classic Hotels & Resorts
Jose Solis is the IT leader for Classic Hotels & Resorts, a small chain of six luxury properties operating across Arizona and California. A potential ransomware attack threatens not only their business operations but also the privacy of their customers.
Scale Computing was partly implemented when Classic Hotels was hit by a ransomware attack in 2020. Their data on SC//Platform was simple to retrieve, and those workloads were able to be quickly backed up and restored. In contrast, the traditional backups they had to retrieve and get back into production took anywhere from a few hours to a few days to restore.
As Solis later recounted, “A ransomware attack can be a truly devastating event. We know this from direct experience. In the event of another attack, an agile infrastructure should be able to restore data from wherever it might be located and do so in a matter of minutes or hours versus days or weeks. Obviously, now that we have fully implemented the SC//Platform we see the advantage and it gives us peace of mind that we can recover in any situation.”
Customer Capsule #3: US-Based Precision Manufacturer
Based in the Midwest, this customer is a precision metal stamping manufacturer, producing custom metal stampings for the automotive, medical, and electronics industries. In October 2020, this manufacturer’s IT system was compromised over the weekend by a strain of ransomware which quickly encrypted all of their application servers and databases.
Their IT manager said: “It was worse than we thought. Our NAS was encrypted and inaccessible, so we lost the ‘real’ exchange backups and only had access to Scale Computing’s snapshots. We rolled the dice and tried to restore Exchange from snapshots, and it actually worked. We are online right now - thank god! Our team is currently working on getting Exchange patched, which was what the attackers used to gain access. We had been told that restoring Exchange from a snapshot was bad news, so we had been shying away from it, but in this case, it saved us big time.”
The number one thing Scale Computing has done for me is give me peace of mind. I don't fear that ransomware or something else is going to cost me my job.— IT Administrator, US Government Agency