May 17, 2021
The ransomware outbreak hit home for millions of Americans last week when attackers shut down a major East Coast pipeline as well as a hospital network on the West Coast. For IBM i shops, the events are a potent reminder to re-evaluate network security and data protection systems to ensure they’re resilient from attack.
You could be forgiven for thinking you were watching an episode of Mr. Robot last week as news spread of the shutdown of Colonial Pipeline network, which provides 45 percent of the gasoline for the entire East Coast of the United States through 5,500 miles of pipes. Thousands of gas stations in the Southeast ran out of fuel amid the supply interruptions and subsequent hoarding by panicked citizens.
If it seems like there are more ransomware attacks occurring, that’s because there are. According to a recent report from the Institute for Security + Technology’s Ransomware Task Force, ransomware rose significantly in the past year. The report found that American firms paid an estimated $350 million in ransom to attackers in 2020, which was a 311 percent increase over the previous year. The average payment, typically made in Bitcoin, was over $312,000, which was an increase of 171 percent.
The impact of ransomware is being felt by organizations large and small, including at IBM i shops, says Jim Kandrac, president of UCG Technologies, which provides the VAULT400 data protection and disaster recovery services for IBM i and other servers.
“Generally we don’t hear a whole heck of a lot until there’s a problem,” Kandrac tells IT Jungle. “However, there are a certain number of customers that are proactive. It’s fewer that are proactive than reactive. Unfortunately, having said that, this recent cyberattack on the East Coast has caused, certainly, more of a concern with people.”
UCG Technologies sells data protection gear and services that can help companies recover quickly from a ransomware attack without paying the ransom, which is actually illegal, the U.S. Treasury Department reminded us in an October memo. Having ready access to high quality daily backups of one’s data – whether it’s sitting on a tape, a VTL device, or in the cloud – is a critical factor in preventing ransomware from impacting your operations.
In addition to backup and disaster recovery solutions, UCG Technologies offers cybersecurity training designed to prevent ransomware attacks from occurring in the first place. The Cleveland, Ohio, company has a partnership with Tampa, Florida, firm called KnowBe4 that conducts phishing tests and security training. UCG is also teamed up with another Cleveland company, called Briteskies, which provides IBM i security services that can help minimize the chance that an IBM i server can be impacted by ransomware in the first place.
“I believe that training to educate people on what not to click on is as important as the data protection,” Kandrac says. “As we say, we’re protecting the front door and the back door with the VAULT400 and the DR, but we’re also protecting the side doors and the windows with the KnowBe4 before managed service, because guess what? That’s where people are getting in today. They’re getting in because Joe or Sally clicks on an email that says ‘help Pizza Hut celebrate our anniversary, click here for a free personal pan pizza,’ or whatever.”