May 6, 2022 By Kurt Messingschlager 3 min read

With the rapid evolution of different kinds of cyber-attacks, establishing a plan for cyber resiliency is more important than ever.

In my previous blog entitled “Cyber Resiliency 101: Required learning for all,” I said “Cyber threats like ransomware, which made its very first appearance in 1989 and has been on security teams’ and law enforcement’s radar for the past seven or eight years, are not fads. It’s not going away.”

Ransomware has evolved a lot since its inception and will continue to evolve, meaning that it will improve in its nefarious aims. It’s getting more sophisticated and more destructive, and it is only going to get worse. Ransomware is not the only cybersecurity threat that organizations need to be aware of, however; 2022 has seen an uptick in the use of wiperware.

Cyberattacks

2021 and prior

  • Malware:
    • Type of attack: Data theft
    • Motive: Profit-driven
  • Ransomware:
    • Type of attack: Data encryption
    • Motive: Profit-driven

2022 and beyond

  • Malware:
    • Type of attack: Data theft
    • Motive: Profit-driven
  • Ransomware:
    • Type of attack: Data encryption
    • Motive: Profit-driven
  • Wiperware:
    • Type of attack: Data deletion
    • Motive: Chaos-driven

What is ransomware?

Ransomware is an attack in which a bad actor infiltrates a business, government or personal network and encrypts data, making it impossible for the user to access it. The bad actor can then demand a ransom payment to unlock or decrypt the data and return it to its previous state. However, paying the ransom does not guarantee that the data will be decrypted.

What is wiperware?

A wiper attack uses wiperware to delete, overwrite or remove a victim's data. Unlike typical cyber-attacks, which tend to be for monetary gain, wiper attacks are destructive in nature and do not involve a profit motive. However, it is possible that wiper malware may be used to cover the tracks of data theft.

Wiperware has reportedly been used in Ukraine. Considering the current state of the world, it is not far-fetched to expect an uptick in wiperware use in other regions or countries, whether state-sponsored or by individuals (who can easily obtain the code).

Cybersecurity and cyber resiliency

Both wiperware and ransomware present a serious threat to both cybersecurity and cyber resiliency. But what exactly are cybersecurity and cyber resiliency, how are they related and what is the difference between the two? Fundamentally, cybersecurity is how an organization protects its information and assets from any outside threat or cyberattack. This includes fortifying structures/systems and reducing vulnerabilities in order to minimize the likelihood of a cyber breach.

Cyber resiliency builds upon cybersecurity. Cybersecurity is preventative in nature — as in, “Let’s lock all the doors to keep any bad actors out.” The objective of cyber resiliency, on the other hand, is to prevail in the event of a cyber breach — as in, “It’s very likely that we will be breached. We need to plan and prepare now to continue operations despite a breach.”

In short, cyber resiliency is “Plan B” for when the attackers succeed and become intruders. Cyber resiliency’s objectives are two-fold — protecting crucial data and providing the ability to quickly recover in order to resume normal business operations.

Any celebrity or high-profile VIP knows the difference between security measures and resiliency measures. A VIP does not live in a typical suburban home with little security erected or resiliency built in. Their homes have layers of security: perimeter walls/gates, video surveillance, an entry gate with a security guard, security personnel with dogs patrolling the premises, alarms on windows and doors, etc. But that is not all they have; they have a “Plan B” in the form of resiliency measures, too! When all security measures fail and an intruder makes their way into a VIP’s home, the VIP can fall back or escape into a “panic room” or “safe room.”

Cyber resiliency services to protect your data

With malware/ransomware/wiperware continuing to evolve, becoming more sophisticated and more destructive, it is crucial that organizations follow the lead of VIPs and design “safe rooms” for their Very Important Data (VID).

For those who would rather not go it alone and would prefer some outside assistance and expertise, IBM System Lab Services offers two different cyber resiliency services:

  • Cyber Incident Response Storage Assessment (CIRSA)
  • Cyber Vault – Architectural Workshop (CV-AW)

Both are “open systems only” (excludes mainframe) assessments focused on cyber resiliency:

  • CIRSA is strategic and has a wider scope: Applications/data sitting in block, file and object environments. The CIRSA report contains vendor-neutral/agnostic recommendations, but showcases the IBM cyber resiliency solutions in the future-state design.
  • CV-AW is tactical and has a targeted scope: Applications/data sitting on IBM Block platforms (e.g., Spectrum Virtualize or FlashSystems). The CV-AW report produces Cyber Vault/SGC architecture and solution sizing and tees up phases two and three of the Cyber Vault offering. Note: CV-AW is phase one of the three-phase Cyber Vault service offering.

To learn more about these cyber resiliency services, please contact IBM Systems Lab Services.
