cl-nz logo
Story image

Beating ransomware using cloud infrastructure with vGRID and Veeam

When Kiwi motorcycling distributor Whites Powersports were hit by ransomware, unlike so many other Kiwi businesses they didn't have to panic because they knew vGRID already had their back.

The company has been a vGRID customer for several years after deciding that cloud infrastructure was the best solution for their IT business needs.  Whites Powersports utilises vGRID Enterprise Virtual Servers with Premium Back-up which offers better technology and performance than it could get on its capex budget.

The solution, crucially, includes Veeam Software which is integrated into the vGRID platform as a service offering, providing availability through efficient Virtual Machine backup, fast and flexible recovery and advanced Virtual Machine replication.

Within two hours of being hit by ransomware Whites Powersports was back up and running.

While ransomware has become one of the biggest cyber security threats for businesses, Bruce Trevarthen CEO of LayerX Group, is adamant that protecting businesses from ransomware does not have to be a daunting task.

“The backup and disaster recovery solutions in vGRID inherently protect you from that,” he says.

“We have services and offerings that, if implemented, give companies the peace of mind that their data can be restored with full integrity very quickly and in an efficient manner – and Whites Powersports is a great example of that,” he says.

“The reality is that as much as you can put in smart systems, software and processes, and educate your staff, ransomware attacks can and will still happen.

“You can never be 100% protected from ransomware.”

While ransomware only really achieved its high profile in recent years, it has been around since 1989, however early versions, distributed on diskettes, were easily decrypted.

Today, two types of ransomware dominate – locker ransomware, which denies access to a computer or device, impersonating law enforcement and claiming the computer is under investigation and has been locked, usually until a ‘fine’ has been paid; and the more common crypto ransomware.

Crypto ransomware prevents access to files or data, with CryptoLocker the first big crypto-ransomware to gain attention.

CryptoLocker is a more advanced form of ransomware, which first surfaced in 2013 and relies on social engineering to get users to open email attachments. A Trojan horse then infiltrates the system and encrypts files with commercial grade encryption and, according to Bill Kleyman, Veeam Cloud, Virtualisation and Data Centre Architect, taking advantage of Windows’ default behaviour of hiding the extension from file names to disguise the real .exe extension of the malicious file.

Kleyman cites one study which shows ransomware netted one group of cybercriminals more than $120 million – or 189,813 bitcoins – in just six months in one widespread ransomware attack.

A newer form of ransomware, CrypJoker, uses the AES-256 algorithm to encrypt files. While not widely distributed yet, Kleyman says security experts are warning of the variant, which targets 30 different types of files and deletes shadow copies of them.

“The reality with these things is they are very, very brute force, they encrypt and then the system will keep going back and re-encrypting files they’ve already encrypted,” Trevarthen says.

“So it’s not just the case of getting really powerful computers and un-encrypting it – it’s far more detrimental than that.

“And even if you pay the ransom – and I’m not suggesting anyone does – you have to wait to have it unencrypted, which can be quite long,” Trevarthen says.

McAfee Labs noted in a September 2016 report that ransomware attacks were growing at more than 128% year on year with more targeted attacks increasing.

Trevarthen says currently ransomware isn’t strictly targeted, with cybercriminals instead targeting just a database of potential victims.

“If ransomware gets to a point where it is fully automated and you’ve got scripts encrypting files and demanding ransoms, they could arguably target every single company in a country,” he says.

“That is a much bigger problem – it’s a situation where you could cripple a country’s economy, if it was able to take hold.”

With IT now so interwoven with business processes, Trevarthen says crippling a business by taking out its IT isn’t unrealistic – no matter what the size of the business.

“If we can get our channel community to get out there and protect New Zealand businesses, it’s good for business, but it’s also good for New Zealand.”

vGRID’s offerings include a range of outsourced IT services including virtual servers, virtual desktops and Exchange email along with backup and recovery solutions for servers and files, and a voice services platform.

“When configured for disaster recovery, a customer can power on a replicated virtual server in just a few minutes.”

Trevarthen says vGRID is constantly evolving its systems, running a three year product life cycle to ensure the most up-to-date, high performance infrastructure, with the software also being refreshed and kept up to date.

The offerings are delivered via the Kiwi reseller channel.  “Our partners are our frontline,” Trevarthen says.

“We don’t do anything our partners do – we don’t patch servers, go onsite, configure servers or liaise with the customer.

“Our job is to provide the channel with the tools they need to go to market and make big promises. Our partners need to be able to go to market and make bold claims and we enable that.

 “If we’re empowering the channel to make bold promises, and these promises resonate with the market in terms of what is important for small businesses, then we’re doing our job and providing our partners with the ability to do theirs.”

Story image
TMG nabs Flexera APAC partner of the year award for second year running
"With skilled experts across multiple Flexera capabilities and a solid framework, they continue to show a strong dedication toward ensuring success for our mutual customers."More
Story image
Deep learning seeing widespread adoption in APAC region
As a sub-category of machine learning, deep learning is fast becoming part of mainstream AI deployments – new software to join the likes of Siri, Alexa and Cortana is currently being developed and will likely be introduced in the next few years, says GlobalData. More
Story image
Commvault adds AWS B&R among new capabilities
Also enhances Oracle and SQL database migration capabilities and adds integration with ServiceNow SaaS platform.More
Story image
Server market and ESS revenues slump as COVID-19 spreads - IDC
The enterprise storage systems market as well as server markets will see declines in the first two quarters of 2020, but are expected to recover near the end of the year, according to IDC.More
Story image
Govt widens 'essential products' to include tech goods
New Zealand businesses are now able to sell ‘essential’ non-food consumer products such as computer equipment and mobile phones, while the country remains at Alert Level 4 lockdown.More
Story image
Forcepoint unveils impressive channel recruits across APAC and ANZ
Cybersecurity firm Forcepoint has named four new key appointments to its leadership team as it looks to strengthen its channel, strategy and sales lineup across the Asia Pacific and Australian New Zealand regions.More