Cloud
Security
May 6, 2022 By Kurt Messingschlager 3 min read

With the rapid evolution of different kinds of cyber-attacks, establishing a plan for cyber resiliency is more important than ever.

In my previous blog entitled “Cyber Resiliency 101: Required learning for all,” I said “Cyber threats like ransomware, which made its very first appearance in 1989 and has been on security teams’ and law enforcement’s radar for the past seven or eight years, are not fads. It’s not going away.”

Ransomware has evolved a lot since its inception and will continue to evolve, meaning that it will improve in its nefarious aims. It’s getting more sophisticated and more destructive, and it is only going to get worse. Ransomware is not the only cybersecurity threat that organizations need to be aware of, however; 2022 has seen an uptick in the use of wiperware.

Cyberattacks

2021 and prior

  • Malware:
    • Type of attack: Data theft
    • Motive: Profit-driven
  • Ransomware:
    • Type of attack: Data encryption
    • Motive: Profit-driven

2022 and beyond

  • Malware:
    • Type of attack: Data theft
    • Motive: Profit-driven
  • Ransomware:
    • Type of attack: Data encryption
    • Motive: Profit-driven
  • Wiperware:       
    • Type of attack: Data deletion
    • Motive: Chaos-driven

What is ransomware?

Ransomware is an attack where a bad actor can infiltrate a business, government or personal network and encrypt any data, making it impossible for the user to access the data. The bad actor can then demand ransom money or payment in order to unlock or decrypt the data to return it to its previous state. However, paying the ransom does not always guarantee that the data will be decrypted.

What is wiperware?

A wiper attack involves deleting/overwriting/removing data from a victim using wiperware. Unlike typical cyber-attacks, which tend to be for monetary gain, wiper attacks are destructive in nature and do not involve a profit motive. However, it is possible that wiper malware may be used to cover the tracks of data theft.

Wiperware has reportedly been used in Ukraine, and considering the current state of the world — whether state-sponsored or by individuals (who can easily obtain the code) — it is not far-fetched to see an uptick of wiperware being used in other regions or countries.

Cybersecurity and cyber resiliency

Both wiperware and ransomware present a serious threat to both cybersecurity and cyber resiliency. But what exactly are cybersecurity and cyber resiliency, how are they related and what is the difference between the two? Fundamentally, cybersecurity is how an organization protects its information and assets from any outside threat or cyberattack. This includes fortifying structures/systems and reducing vulnerabilities in order to minimize the likelihood of a cyber breach.

Cyber resiliency builds upon cybersecurity. Cybersecurity is preventative in nature — as in, “Let’s lock all the doors to keep any bad actors out.” The objective of cyber resiliency, on the other hand, is to prevail in the event of a cyber breach — as in, “It’s very likely that we will be breached. We need to plan and prepare now to continue operations despite a breach.”

In short, cyber resiliency is “Plan B” for when the attackers succeed and become intruders. Cyber resiliency’s objectives are two-fold — protecting crucial data and providing the ability to quickly recover in order to resume normal business operations.

Any celebrity or high-profile VIP knows the difference between security measures and resiliency measures. A VIP does not live in a typical suburban home with little security erected or resiliency built-in. Their homes have layers of security — perimeter walls/gates, video surveillance, an entry gate with security guard, security personnel with dogs patrolling the premises, alarms on windows and door, etc. But that is not all they have; they have a “Plan B” in the form of resiliency measures, too! When all security measures fail and an intruder makes their way into a VIP’s home, the VIP can fall back or escape into a “panic room” or “safe room.” 

Cyber resiliency services to protect your data

With malware/ransomware/wiperware continuing to evolve, becoming more sophisticated and more destructive, it is crucial that organizations follow the lead of VIPs and design “safe rooms” for their Very Important Data (VID).

For those who would rather not go it alone and would prefer some outside assistance and expertise, IBM System Lab Services offers two different cyber resiliency services:

  • Cyber Incident Response Storage Assessment (CIRSA)
  • Cyber Vault – Architectural Workshop (CV-AW)

Both are “open systems only” (excludes mainframe) assessments focused on cyber resiliency:

  • CIRSA is strategic and has a wider scope: Applications/data sitting in block, file and object environments. The CIRSA report contains vendor-neutral/agnostic recommendations, but showcases the IBM cyber resiliency solutions in the future-state design.
  • CV-AW is tactical and has a targeted scope: Applications/data sitting on IBM Block platforms (e.g., Spectrum Virtualize or FlashSystems). The CV-AW report produces Cyber Vault/SGC architecture and solution sizing and tees off phase two and three of the Cyber Vault offering. Note: CV-AW is phase one of the three-phase Cyber Vault service offering.

To learn more about these cyber resiliency services, please contact IBM Systems Lab Services.

Was this article helpful?
YesNo
Kurt Messingschlager
Senior Storage Consultant

More from Cloud
May 23, 2024

Enhance your data security posture with a no-code approach to application-level encryption

4 min read - Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle (in transit, at rest and in use), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its source. ALE can enhance…

May 23, 2024

Attention new clients: exciting financial incentives for VMware Cloud Foundation on IBM Cloud

4 min read - New client specials: Get up to 50% off when you commit to a 1- or 3-year term contract on new VCF-as-a-Service offerings, plus an additional value of up to USD 200K in credits through 30 June 2025 when you migrate your VMware workloads to IBM Cloud®.1 Low starting prices: On-demand VCF-as-a-Service deployments begin under USD 200 per month.2 The IBM Cloud benefit: See the potential for a 201%3 return on investment (ROI) over 3 years with reduced downtime, cost and…

May 20, 2024

The history of the central processing unit (CPU)

10 min read - The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks, in addition to functions that make a computer run. There’s no way to overstate the importance of the CPU to computing. Virtually all computer systems contain, at the least, some type of basic CPU. Regardless of whether they’re used in personal computers (PCs), laptops, tablets, smartphones or even in supercomputers whose output is so strong it must be measured in floating-point operations per…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters