Protect Against Ransomware and Maximize Business Continuity with IBM Cloud Cyber Recovery

5 min read

This blog looks at the three distinct types of data protection that exist today and introduces IBM Cloud Cyber Recovery concepts.

We will see, using IBM Cloud Cyber Recovery, how organizations can now protect valuable data from modern threats through backup, disaster recovery and cyber recovery.

Data increasingly manages our business and personal lives, and today's global organizations rely on the constant flow of data across the interconnected network world. At the same time, the business risk also goes up significantly by increasing the quantity and value of data. With data continuing to increase in value, organizations need to recover critical data quickly if it becomes compromised.

Additionally, business transformation, advanced cyber-attacks and insider errors are constant threats. As the information footprint expands, organizations continue to look to the cloud for easy, cost-effective modernization methods, adding yet another opportunity for compromising an organization's critical data. Ongoing threats are continuing, and while standard backup and disaster recovery are crucial, they are not enough. Cyber resiliency—with a cost-effective isolated recovery environment—can add the necessary protection.

The ongoing threats to data are not diminishing

The client research in the 2022 release of the IBM Cost of a Data Breach report reveals a startling increase in breaches, with 83% of organizations studied having had more than one data breach and 45% of the breaches being cloud-based. Transforming infrastructure to the cloud does not automatically equate to better data protection.

The report further shares that 60% of organizations' breaches led to increased costs, which were passed on to customers.

Data resiliency, the cloud and the business of ransomware

Advanced threats are only part of organizations' risks in moving to the cloud. The issue is being able to recover the data and ensure business continuity. Data resiliency through using standard backups has dramatically evolved over the years as technology has advanced. Now, the need to recover data, files and file structure, virtual machines and infrastructure has made disaster recovery (DR) data centers a necessity.

IBM has recognized the value of DR and backup by leveraging these use cases and providing increased client value through the IBM Cloud business model for disaster recovery. Using IBM Cloud as secure disaster recovery, infrastructure for cloud or on-premises disaster protection brings the following benefits:

  • Geographic redundancy: Enable higher resiliency and availability.
  • Affordability: Consume resources when (and as) needed.
  • Scalability: Dynamically grow or shrink your cloud resource requirements.
  • Immutable object storage: Protect and preserve records and maintain data integrity in a WORM (Write-Once-Read-Many), non-erasable and non-rewritable manner.
  • COS replication

By combining the value of the cloud with the VMware virtualization model, organizations can now lower costs and complexity while maintaining the level of compliance and data resiliency needed.

The ransomware business, however, continues to expand and evolve. This evolution drives the ransomware's technology and quality and pushes the attacks into a new business model.

This means that organizations now face Ransomware-as-a-Service (RaaS). RaaS is now making it easier than ever for a threat actor to attack an organization. The attack motives can be any number of reasons—including financially motivated, political or destructive—with no restrictions on the operator having any technical knowledge. In addition, multiple ransomware operators now offer a wide array of tools and services to make ransomware attacks more effortless. RaaS is now a complete business model that includes marketing and technical support operations. This now puts backup and disaster recovery solutions to the test.

Business continuity: Protecting the data in the cloud

With business-driven applications moving to the cloud, standard backups coupled with DR have been working and evolving to help protect data. However, with the value of business data increasing and the agile nature of application development, advanced threats like ransomware are following along into the cloud model. Using backup and DR solutions cannot always keep up. Now, by adding cyber resiliency capabilities to IBM Cloud, a third level or layer of protection is emerging. Just as there are differences in capabilities between backup and DR, cyber recovery brings its own specific nature to protecting critical data.

Until today, business continuity meant combining the best of standard data backup with disaster recovery technology. By providing cost-effective DR in the IBM Cloud, IBM has reduced the high cost overhead of replicating to a DR data center. Now, by providing an isolated hardened infrastructure in the cloud, IBM has taken the next step clients need for cyber resiliency.

First, it is essential to understand how disaster recovery and cyber recovery work together. Disaster recovery focuses on protecting the business from geological or regional incidents. It’s usually comprehensive in its data volume, and in the case of an incident, the point of recovery and fallback is quick—sometimes instantaneous.

Cyber recovery differs slightly and protects the entire business from a targeted selective attack. The key to recovery is the reliability of the data. Since the data is critical, the impact on the company is global—a situation different from the regional, more contained incident when a DR infrastructure provides protection. Admin access to the isolated recovery environment is highly protected, and data is typically scanned to ensure reliable recovery.

IBM Cloud Cyber Recovery

With IT transformation to the cloud, IBM continues to follow the momentum by engineering and providing an automated, isolated, cyber-resilient infrastructure. Working with key partners like VMware, Juniper and Veeam, a completely engineered cyber recovery infrastructure can provide the foundation for clients and partners to create a hardened and virtual "air-gapped" environment for protecting critical data copies and backups.

Read the cyber recovery solution guide.

The IBM Cloud Cyber Recovery solution guide describes the automated tasks that create two cyber-resilient solution architectures: an immutable storage environment and an isolated recovery environment. Clients use immutable, unalterable storage technology for configuration data and write-once-read-many. Isolated recovery storage works to prevent corruption and ensures that recovered data is intact. In addition, network isolation separates the production environment from the isolated environment, providing a virtual "Air-Gap" for added protection from production network malware or attack. The solution guide also discusses the use cases for creating backups and making these backups available only to security administrators.

The automated IBM Cloud Cyber Recovery uses the following:

  • IBM Cloud® CLI commands to automatically deploy the infrastructure
  • Automation to install all software and associated licenses
  • Ansible® for operating system configuration
  • PowerShell for the automation of Veeam®

For a detailed understanding of the two solution architectures, see the overview of cyber recovery with Veeam architecture in the guide.

Summary

Ransomware incidents can rob organizations of the data they need to operate, add risk to mission-critical services and impact the business. Modern malicious actors continue to evolve and adjust their tactics and tools. Production data is the latest target, with actors using lateral movement and backup credentials to access critical data and propagate ransomware across entire networks.

IBM is meeting the challenges of protecting the valuable data an organization needs to survive and providing the confidence for data resiliency. IBM Cloud Cyber Recovery brings an easy-to-deploy automated solution complete with a customizable virtual network air gap, immutable storage and a protected recovery environment.

Now, with the cost-effective IBM Cloud, organizations can prepare a solid data resiliency strategy to include backup, disaster recovery and cyber recovery protection—all working in concert to keep your organization's business in business.

Check out the solutions guide today as a first step.

Be the first to hear about news, product updates, and innovation from IBM Cloud