If you have any centralised data storage or computer resource, like Network Attached Storage (NAS), you should be very concerned indeed about cybercrime, writes Jon Morgan.
You can’t have failed to miss the WannaCry Ransomware cyber-attack that has hit 150 countries, 1000s of computers and brought several hospitals in the UK to a halt (cancelled operations being amongst the issues).
The temptation reading about the attack is simply to think, “I keep my computers up-to-date so it couldn’t happen to me.” Or, “my critical data is on a NAS device so I don’t overly care if a PC gets compromised”. Think again.
Cybercrime is on the rise and sooner or later we will all come under attack. Some attacks are generic, like WannaCry, but other attacks are highly targeted. And, whether we are in large companies like Sony Pictures with their well-publicised issues or a small company like my own that had emails going from the chief executive to the chief financial officer asking for bank transfers to be carried out (they were of course fraudulent), we are all potential targets.
And here is a big issue: media production companies are particularly vulnerable because many of them keep all, or a significant portion, of their information assets in very few places.
Take this scenario. Your storage provider was running a great deal for you if you just buy one huge NAS device. Not minding the future, you decided to consolidate the bulk of your information onto that single solution. A hacker then compromises a PC with access to the NAS / SAN and that PC happens to have access to a large number of files.
It could be a disgruntled employee, or a kid in a bedroom 2,000 miles away, but now the hacker runs an encrypt or destroy app. It doesn’t need to take long. A targeted application doesn’t need to encrypt every byte – just enough to make the files it touches unreadable.
Just for added measure it encrypts the well-known metadata controller of your storage device. And then it destroys itself. Getting an unencrypt key is nigh impossible. Hey presto. Millions of dollars of assets are now under ransom and for just one of those millions you might get an unlock key. If you are lucky.
Worse scenarios?
I’m sure there are worse scenarios, but if you believe that this type of attack won’t happen in the future then you are wrong. Look at Sony. It won’t be a one-off. It’s already happening now to other media production companies.
But strategies to defeat this type of hack are possible. Firstly, disaster recovery systems, replication, and back-up are key to being able to getting data back if this occurs. But a deep and clever hack attack may target those systems as well. Care must be taken not to back-up or replicate the hacked data. Another challenge is that as a large media producer handling potentially Petabytes of data, backing up everything is sometimes… well let’s say “asynchronous”. That is to say a subset of the data might not yet be backed up.
Another strategy is to keep your data behind a firewall. A very strong firewall. And then to only let out copies of data that are for (e.g.,) media editing, checking back in edited versions. This is the strategy promoted by object storage when it sits behind an object storage API.
So, here’s the big question: how do you keep your data safe?
Gone are the days when data sat disconnected to the rest of the organisation on tapes on shelves. They weren’t that good anyway. Fires have put paid to many an archive.
These are my tips:
- Avoid having access to large swathes of data from a single PC / login. It is a major security hole.
- Think about your back-up, disaster recovery and replication strategies with the hackers in mind. The hackers will compromise a PC at some-point. What could a determined hacker do from there?
- Think about keeping data safe in purpose built storage. Exposing everything via a filesystem is extremely dangerous. Consider on-premises object storage for this. Get into the mind of the hacker when forming your digital content governance strategy.
Normally at this point it is common to say “don’t worry but attacks are rare and you are unlikely to be a victim of crime.” They aren’t rare. You will be attacked. Don’t be a victim.
Jon Morgan is the chief executive of Object Matrix
No comments yet