Getting the measure of ransomware – the vital role of tape technology

The rapidly expanding global data storage market is being fuelled by a range of powerful tech trends. From the exponential growth in data volumes, big data applications, and IoT deployment, to the impact of AI adoption and the success of the cloud computing industry, organisations everywhere are buying much more storage. This translates to an industry that is set to rise in value from around $187 billion last year to over $700 billion by 2032. 

Moreover, less than two years after the launch of ChatGPT, the AI-powered storage market has gone fully mainstream and is expected to contribute over $110 billion to the overall sector by 2030.

Against this backdrop, however, storage vendors and their customers also face a range of significant challenges, with cybersecurity a perennial concern. The number of ransomware attacks claimed by gangs in May this year alone, for example, reached near-record levels, with 450 victims posted on extortion sites. In most cases, there are serious financial consequences with organisations paying the ransom demand, the cost of recovery, or, in some unfortunate cases, both.

While there is an array of technologies on the market designed to prevent or mitigate ransomware attacks, copying data to offline and offsite storage remains the only way organisations can be certain their data is recoverable. Without this capability in place, ransomware can very quickly propagate between operational and customer data while also encrypting primary and secondary backups.

The risks don’t end there, with attacks targeted at supply chains to infect multiple organisations through a single point of entry. This can all happen within a matter of minutes and before many organisations have a chance to react.

The drive to implement tape

A key question to ask, therefore, is what kind of storage technologies are best suited to building a ransomware-proof backup strategy? For many organisations, tape-based storage provides an affordable and rapid data recovery option while also delivering an immutable copy of their data, which is ideal for effective ransomware protection.

As one of the technology industry’s most enduring and trusted technologies, data stored on today’s advanced tape technologies, such as Linear Tape-Open (LTO), is inherently resistant to cyberattacks. This is because data stored on tape is not directly accessible via the network, with the resultant “air gap” providing a critical layer of protection. This ensures that backup data remains untouched even if an organisation’s network is compromised. The concept of the air gap is a key part of the ‘3-2-1-1 rule’:three copies of your data, in two different storage mediums, one kept off-site and another offline.

In some ransomware scenarios where large volumes of corrupted data are involved, gaining access to clean copies of data stored on LTO tape for example may deliver a faster, more effective and secure recovery process than can be found elsewhere in other solutions.

To help add a further layer of security for sensitive data, LTO technologies can also incorporate native hardware encryption directly within the tape drive itself. These tape drives encrypt data as it is written onto the tape using hardware built-in encryption. This ensures that any data stored on the tape is virtually impossible for unauthorised users to access without the correct decryption key, which, in a way, turns the tables on ransomware adversaries.

The risks associated with a ransomware breach also involve potential compliance problems, particularly for organisations that need to protect data over the long term. In these circumstances, tape continues to play a leading role, not least because of its proven durability and value for money compared to other storage technologies.

When combined with advanced cybersecurity technologies, such as endpoint protection, intrusion detection systems (IDS), and security information and event management (SIEM) systems, the tape helps build a fully integrated anti-ransomware ecosystem that also protects against a wide range of other cyber threats.

Think of it this way: to protect against the risks associated with ransomware, security experts around the world emphasise the importance of being prepared in advance. Organisations need to adopt a mindset where it’s not a matter of if or when they will be targeted but how often. Armed with that perspective, it becomes easier to focus on what’s required to build a strategy that can minimise the risks of a breach and, should one occur, mitigate its impact.