Fighting Ransomware with a Multi-Tier Backup Strategy

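Ransomware is one of the fastest-growing cyber threats, and the financial impact is enormous. The FBI estimates that reported payments reached $1 billion in 2016, and many payments are never reported. A ransomware attack introduces malware into a computer system that systematically encrypts stored files, and the criminals then demand payment in exchange for the decryption key. Paying the ransom is not recommended: payments encourage further attacks, and many organizations cannot recover all of their data even after paying. A better solution is to create a resilient data protection system.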

Ransomware Attacks a Major University

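One example is provided by a major U.S. university that was recently attacked by cybercriminals. The attack was carefully planned. Before the full attack was carried out, Trojan malware was introduced using fraudulent emails and other tactics. The malware attacked files in NTFS, the default Windows format, and it spread across devices such as physical and virtual servers, laptops, and thumb drives. The attack began on a Saturday night, starting with the backup servers and then spreading to other devices. Once on a disk, the malware worked through the files, encrypting them so that they could no longer be read.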

Rapid Discovery a Key to Minimizing Damage

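The attack might have been discovered sooner, but there was a new backup administrator who was not fully aware of how to detect malware and shut down systems at the first sign. The malware was able to encrypt files for eight hours before the administrator noticed unreadable files, traced the problem to its source, and then shut down all systems. By then, 20,000 files had been locked on 120 servers, including all of the university's virtual machines (VMs). The ransom demand was a large six-figure sum. However, the university decided to resist paying because the IT team had a data protection approach that would allow it to recover the data safely.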

Tape Backup Layer a Key Component of Recovery

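The university's backups started with a disk target, but because the backups were stored in NTFS, they were compromised. Fortunately, the IT team had also been writing backups to an LTO tape library.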

Although backup copies on disk were encrypted, the tape layer was unaffected because the files were written to tape before the attack began. And even if contaminated copies had reached tape, the malware would not have been able to spread. The IT team decided to completely scrub the system and rebuild everything from the tape backups. The entire process took approximately two weeks.

An Archive Strategy Can Play a Role

Instead of rebuilding the system directly onto the disk that had been infected, the university used its archive, a system based on a Quantum solution that creates duplicate copies of some data in a private cloud using object storage. The team discovered that the malware did not spread to the StorNext Lattus archive.

Lattus provides a highly scalable archive using object storage technology that also protects data by spreading it across many different disk spindles and, optionally, multiple locations. The team used Lattus as a safe staging area to restore the systems before installing them on the now-clean original server infrastructure.

Recovery Plan Minimizes Losses

The copies on tape and the Lattus working area provided the IT team with everything it needed to recover all the backed up data and rebuild the system. The only data that had to be recreated were files stored outside the backup system on some laptops and USB drives, about 600GB.

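The bottom line? Ransomware-style cyberattacks may be common and difficult to stop completely, but a best-practice backup strategy that includes multiple copies of data on different types of media, including tape, can eliminate or minimize data loss.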