3 ways microsharding technologies can mitigate ransomware – Security Magazine
Image from Pixabay
If there’s one threat that keeps the average information technology (IT) security leader awake at night, it’s the threat of ransomware, which continues to plague businesses across the globe. One recent report predicts that by 2031, ransomware will cost the economy around $265 billion each year, with a new attack happening every two seconds.
Even after a ransom has been paid, it’s unlikely a company’s data will be retrieved in its entirety. One industry study noted that only 8% of ransomware victims were able to recover all of their data after paying a ransom, while nearly a third reported that they were unable to recover more than half of their data.
To make matters worse, ransomware operators have embraced an array of insidious tactics to extract payments from their victims, such as double (or even triple) extortion, in which an attacker not only encrypts the victim’s data but then threatens to publicly disclose sensitive data, including user personal identifiable information (PII) or other confidential intellectual property (IP) whose public release could cause reputational damage.
In response to the evolving tactics of bad actors, security professionals are considering a range of cybersecurity strategies to combat ransomware as well. Perhaps the most common way in which companies protect themselves against ransomware is by ensuring that their most sensitive data is encrypted and regularly backed up. However, this strategy is fallible — many ransomware actors use techniques that make data retrieval complicated.
Security professionals can consider strategies other than encryption to protect company data in the event of a ransomware attack. Microsharding is a coordinated, three-step process that consists of shredding, mixing and distributing data across multiple storage repositories. It’s based loosely on the concepts of RAID 5 and traditional sharding — a process used to distribute a single dataset across multiple databases to increase a system’s total storage capacity.
Think of microsharding as putting a document through a shredder, taking the shredded pieces and sending them through a few more times, and then mailing each individual piece of confetti to numerous undisclosed locations. When data is shredded like this, the resulting microshards are too small — as small as just a few bytes per piece — to contain any sensitive data.
Microsharding goes a step further by mixing a company’s sensitive data with poison data; automatically scrubbing the files of identifying information such as file names, file extensions, and other metadata; and then distributing the tiny shards across multiple containers of the user’s choice in multi- and hybrid-cloud environments.
While there are many ways that microsharding can ensure the integrity of sensitive data in general, it has three features that are particularly well-suited to protecting against a ransomware attack:
As long as cybercriminals have the means and incentives to execute ransomware attacks, they will continue to do so. And as security professionals have seen these past few years, targeting sensitive data remains a powerful incentive. By desensitizing sensitive data using technologies like microsharding, businesses can significantly reduce the impact of cyberattacks while also disrupting the business model of these bad actors.
Bob Lam is the CEO and Co-Founder of ShardSecure. Prior to founding ShardSecure, Bob was the Co-Founder of Bayshore Networks, a leading Industrial IoT cybersecurity company, and the VP of Business Development at NeoAccel (acquired by VMware) and Pareto Networks (acquired by Aerohive). Bob also served as Managing Director at JP Morgan/Bear Stearns, where he led the cybersecurity practice.
You must have JavaScript enabled to enjoy a limited number of articles over the next 30 days.
Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company. Interested in participating in our Sponsored Content section? Contact your local rep.
Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.
Push-to-Talk over Cellular (PoC) is today’s Nextel radio network with nationwide voice, text, and video calling that can be quickly deployed with no infrastructure costs.
Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.
Copyright ©2022. All Rights Reserved BNP Media.
Design, CMS, Hosting & Web Development :: ePublishing