EDITOR ’ S QUESTION
DAVID FRIEND , CEO AND FOUNDER OF WASABI
In 2017 , thousands of websites across South Korea went offline for weeks as a result of a ransomware attack on the web-hosting firm , Nayana . Even after paying a then-record US $ 1 million ransom , hundreds of customer websites could not be recovered and thousands more were left in business limbo as they waited for Nayana to go back online .
Over the following months , it was revealed that Nayana had suffered a direct attack on its Linux servers at its data centre – one of the first publicised instances of a whole data centre being compromised by a ransomware attack . entry point for a ransomware package to laterally move into a data centre .
That means that hardening the data centre needs to be a top priority . Security experts generally emphasise the importance of keeping systems patched , but it ’ s important to recognise that hackers can be one step ahead of your software and firmware .
That ’ s why data centre leaders need to push for the adoption of extensive analytics in their data centres to monitor traffic on servers and networks , so as to be able to spot unusual behaviour .
In the four years since the attack , the threat of ransomware has continued to grow for both data centre operators and enterprises in virtually every industry .
The ransomware threat doesn ’ t just beget a deadweight loss in terms of either forcing data centre operators to pay out a ransom , or allowing their data to be irrevocably lost .
Suffering a ransomware attack , especially one that brings down client-side operations , means a tremendous loss in productivity and customer confidence .
Given how lucrative this practice is for cybercriminals and the ongoing rise of cryptocurrencies that can facilitate ransom extraction , this is a trend the data centre industry must adapt to .
In the past , the only entry point from ransomware was usually a single on-premise user who succumbed to a phishing email . However , with the increasing sophistication of hackers , it ’ s now possible for security lapses in a client or a technology partner to provide an
This should be complemented by the use of white lists to restrict processes and applications allowed to run on servers , so as to prevent the deployment of many ransomware packages .
Another important factor for industry leaders to consider is ensuring that , alongside keeping their existing systems patched , they also avoid using obsolete systems in their data centres .
Legacy hardware and software can present an easy access point for malware of all sorts , including ransomware , and can risk compromising your entire data centre .
Suffering a ransomware attack , especially one that brings down client-side operations , means a tremendous loss in productivity and customer confidence .
www . intelligentcio . com INTELLIGENTCIO EUROPE 35