Ransomware is one of the biggest cyber threats in the cybersecurity industry. However, many still struggle to get a clear picture on what it actually does to a network and how cybersecurity teams are able to prevent it from causing problems.
To learn more about ransomware, Authority sat down with Melissa Palmer, Senior Technologist at Veeam, to discover what the company knows about this ever-evolving cyber threat and how their backup and recovery solutions can help partners stop it in its tracks.
Hello Melissa and thanks for joining us today! Would you start by sharing your professional background and what brought you into the technology and cybersecurity space?
Thanks for having me! For most of my career, I’ve been heavily focused on the infrastructure of computers. Outside of my work with Veeam, I’m a VMware-certified design expert and have also done a lot of work in storage and network architecture. This experience in infrastructure helps me take into consideration how the system performs to meet partner needs.
I’ve always been fascinated about cybersecurity as a result. Even when attaining my master’s degree, I concentrated in secure systems design, and have since brought the knowledge into everything that I’ve done in my career. For example, when I worked as a VMware network administrator, I developed an incident response plan because I noticed it was something we should have been doing all along from a security standpoint, but weren’t at the time.
It’s through the culmination of these experiences that I moved into my current role at Veeam.
Can you go in-depth about your current role with Veeam and your work within the company?
I am a Senior Technologist at Veeam and in this role, I work with multiple product lines throughout Veeam’s portfolio. When a new product is released, it’s my job to communicate with our product management, R&D and product marketing teams to ensure we’re bringing attention to the latest and greatest features partners can adopt into their own systems to enhance their cybersecurity design.
I also do a lot of education in the field, hosting webinars and speaking at events to continue to show partners the capabilities of the Veeam portfolio. I talk about everything related to Veeam, but I particularly specialize in Veeam Backup and Replication. I also often educate partners on Veeam ONE, our monitoring and analytics tool, as well as Veeam Disaster Recovery Orchestrator, which is our disaster recovery tool.
Now let’s talk about the Tech Data and Veeam partnership. Can you describe from your own experience how these two companies get together to create a valuable partnership focused on cybersecurity and technology development?
I’ve worked with the Tech Data team extensively! Some of the readers may recognize me from the webinar events I’ve done with our mutual partners over the last few years.
The great thing about Tech Data and Veeam is our mutual drive to promote the best possible solutions for customers. No matter what size the customer may be or what industry they’re in, both our teams work to create cutting-edge solutions – especially in the cybersecurity space.
Speaking of cybersecurity, let’s talk about one of the biggest threats in the space – ransomware. To start, what is ransomware and how is it affecting the industry?
Ransomware is affecting companies every day and is making headlines around the world.
Ransomware is when an attacker locks a user out of their data, and requests a ransom is paid for its decryption. It starts with a malicious actor that infiltrates a computer environment and starts locking users out of their own information, encrypting files and databases so they’re inaccessible. Then, the malicious actor demands a ransom, making the user pay to have their data returned or decrypted.
The key here is that the malicious actor is depending on the victim having no way to restore their data. When victims of a ransomware attack don’t have a backup or disaster recovery plan in place, they have little choice other than to pay the ransom or lose all their data.
What’s one thing resellers and customers don’t realize about ransomware? Are there any misconceptions about this area of cybersecurity?
I think the biggest misconception is that most people think they’re too small to be a target – but ransomware attacks can happen to anyone.
We often hear about major industries getting attacked simply because they’re a household name, or the impact was just so widespread across the world it couldn’t be ignored. But these attacks can happen to any individual or organization, and all can have devastating consequences. With how often ransomware attacks occur today and the sheer impact they have when they occur, it’s no longer a matter of if you get attacked, but when you get attacked.
Another big misconception is that ransomware only means you’re locked out of your files. Today, victims of ransomware not only have to be concerned of their files being encrypted in a ransomware attack, but they also need to be concerned about all their information being stolen by the hacker. In the cybersecurity industry, we call this tactic a double extortion: the malicious actor will come in, encrypt your files, but then also steal your data in the hopes that you’ll still pay to have them return it.
The third biggest misconception I see is that partners think ransomware is unsophisticated. To the contrary, ransomware has become so sophisticated and so streamlined, that there are entire dark web organizations dedicated to “ransomware as a service.”
For example: a threat actor has gained access to an important database, and they want to extort the owners. They’ll hire one of these organizations, negotiate a price for a ransomware attack to take place, and split whatever is earned from a successful attack. The infiltrating threat actor doesn’t have to worry about maintaining the code for the ransomware or anything – the ransomware-as-a-service group does all the heavy lifting and takes their cut at the end.
How can Veeam help partners be ready to recover from ransomware?
Veeam is an expert in not only data backup solutions, but data recovery solutions as well, serving as your last line of defense in a ransomware attack.
First, Veeam makes a data system’s backups immutable. This means that if a malicious actor were to gain access to your backup files, they cannot delete them. Plus, you can scale this immutability across your entire data structure. The Veeam Scale-Out Backup Repository ensures that your data is available and secure for its entire lifecycle – whether you need it for your latest on-prem data or your S3-compatible storage for longer retention.
Another way Veeam helps partners combat ransomware is by giving users visibility into their backups through Veeam ONE. Veeam ONE is always looking at your backup files. If it sees something out of place, it sends an automated notification to IT teams noting the change. With Veeam ONE, customers can also create custom alarms to monitor their top applications. This is so they know when a program is being used for its correct purposes, and when it isn’t.
Veeam also helps partners with their ability to recover from ransomware attacks. I've personally been telling customers for a while now that you should be running a ransomware attack plan just like you run a disaster recovery plan. You can start running this plan with solutions like Veeam Disaster Recovery Orchestrator. This solution will automate the recovery, testing and documentation of your VM environment in the event of an attack. So, when the ransomware attack finally comes, organizations can be ready with an immutable backup of their system and a quick data recovery option to keep their data systems going.
How can resellers and end customers develop ransomware protection strategies with Tech Data and Veeam?
It all starts with a walkthrough assessment of the customer’s cybersecurity, disaster recovery and ransomware protection plans in place. Tech Data specializes in this type of assessment and have experts on-staff that can go through an environment and detail what needs to happen so customers can improve their security posture. Plus, with Tech Data’s array of cybersecurity offerings, they can tailor-fit a solution that best suits a customer’s needs.
But remember, there’s always that new attack vector or vulnerability on the horizon that can take down these defenses, so having a solid backup and disaster recovery plan is an important part of this cybersecurity plan. This is where Veeam comes into the picture to help secure your customers’ last line of defense, ensuring that they’ll keep their data, regardless of who is trying to compromise it.
To learn more about Tech Data, Veeam and their partnership in the backup and disaster recovery space, visit our partner page at https://shop.techdata.com/vendorpartners/veeam.
About the Author
Kelly Armstrong is a copywriter for Tech Data Agency. Starting her professional technology journey in 2017 in the sales department at Tech Data, she learned about all the great things the company has to offer to help support the future of tech. Now, she uses that knowledge to help others and enthusiastically describe the latest and greatest technologies available to today’s workforce.