Object Storage: Your Primary Defense Against Ransomware Attacks.

By Hubert Yoshida posted 06-26-2019 00:00


Ransomware attacks are on the rise as Municipalities pay up. This month two cities in Florida, Riviera Beach and Lake City have decided to pay the ransom to recover their data.


Lake City's disclosed the attack on June 10, and their computer systems had been down for at least two weeks. Email systems were down, and residents could not pay their water and electric bills online or get building permits. The ransom required was 42 bitcoins, which at today’s price is over $563,000. (Bitcoin prices have been skyrocketing since Facebook announced their intention to issue the Libra cryptocurrency). Lake City’s decision to pay the ransom was probably influenced by another town, Riviera Beach, who decided to pay 65 Bitcoin to ransom their data.

Riviera Beach was hacked on May 29, when an employee opened an allegedly infected email attachment, which allowed the hacker to encrypt government records, blocking access to critical information and leaving the city unable to accept online utility payments. The city had to spend $900,000 on new computer software that was planned for next year, and they decided to pay the ransom in order to recover the data.

In May, the city of Baltimore experienced a similar hacker attack, wherein cybercriminals allegedly took over roughly 10,000 government computers and paralyzed the work of the local utility system using a ransomware called RobinHood. This attack locks up the servers which can only be unlocked by a key that the hacker controls. The hacker demanded 13 bitcoins, (nearly $100,000 at that time) to release the back up. The hackers threatened to increase the ransom in the event of not paying in four days. Baltimore had experienced similar attacks in the past and decided not to pay the ransom. They are engaging leading industry cyber security experts to recover their systems. The recovery is now in its ninth week and costs are estimated to be $10 million with $8 million in lost or deferred revenue

The FBI recommends against the payment of ransoms since it encourages the ransomware attackers and there is no guarantee that the ransom would be honored. However, the costs to recover could be very expensive versus the cost of the ransom. In 2018, hackers demanded that Atlanta pay about $50,000 in bitcoins (bitcoin was a lot cheaper than) as part of a ransomware attack. The city refused, and according to a report obtained by the Atlanta Journal-Constitution the attack wound up costing the city $17 million to fix. Mid to small -sized cities like Lake City and Riviera Beach are very budget constrained and are more likely to take their chances on paying the ransom. They are also more likely to spend less on technology investments, especially for security and backup, and keep them current with the latest updates, making them more vulnerable to future attacks.

In light of these increasing ransomware attacks, and the increasing costs of these attack in terms of Bitcoin ransoms and the remediation costs, there are many online articles with recommendations on mitigating the risks of ransomware and protecting your data. Backup is always mentioned, but very few articles mention the value of object storage, which I would consider to be the first line of defense.

An object storage like Hitachi’s HCP, can eliminate the threat of an attacker encrypting your files. When HCP ingests an object, it is stored as a write-once-read-many (WORM) object. Meaning it cannot be changed. In an attempt to encrypt the file a hacker would have to hack through the authentication and authorization protections of the HCP system to read the object, then encrypt it and write it back to HCP. However, since the original object is WORM, the newly encrypted object would be stored as a separate version and the original object would still be accessible. HCP could mitigate the effects of ransomware and might even eliminate the need for backup which could offset that cost as well. When you consider the multi-million dollar costs of recovery and lost or deferred revenue, HCP would be considered a bargain.

Please refer to my previous blog post on The Growing Demand for Object Storage, Object storage is being increasingly used for tier 1 applications. Krista Macomber of Storage Switzerland is quoted in that post as saying:

Object storage has long been viewed as an archive and long-term retention platform. But in the age of data-driven business intelligence, more frequent and more sophisticated cyberattacks, and data privacy regulations, its value is quickly expanding as it meshes scalable, low-cost storage capacity with data indexing and mining capabilities.


Read Hitachi’s solution profile on how HCP can overcome the risks of ransomware and learn how HCP can keep your business running smoothly, protect your data, eliminate lost employee productivity, and extend protection to remote and branch offices.