Planet Earth is under (cyber) attack – who can save it?
By Simon Harper, Sony
Following the WannaCry ransomware attack, the need for a media company to have effective business continuity and disaster recovery strategies has never been more important: and it starts with ensuring that your data cannot be deleted.
It sounds like the plot to a mediocre science fiction film.
The year is 2017. A ransomware virus has caused untold havoc among the IT systems of planet earth, disabling private companies and hindering public services. Cyber criminals are demanding huge sums of cash in return for releasing their victims from the vicelike grip of this digital demon. Who can save them?
Yet, this is no movie. This is the scenario that occurred in May following WannaCry, a ransomware attack that exploited vulnerability in Microsoft Windows.
This particular cyber assault hit 150 countries, 1000s of computers and brought several hospitals in the UK to a standstill, causing vital operations to be cancelled.
From Honda’s Sayama car plant in northwest Tokyo to traffic cameras in Melbourne, many thousands of individuals, companies and services were affected in what became a global IT crisis.
Eventually it was halted, almost by mistake, when a 22-year old researcher from Devon, Marcus Hutchins, inadvertently activated the ransomware’s kill switch while attempting to uncover more about its origins.
The world breathed a collective sign of relief but not before many people had handed over the $300 bitcoin ransom to take back control of their computer systems.
That is what ransomware does. It holds your files hostage until you pay a ransom to have it removed. Typically, it spreads as a Trojan virus, arriving in a computer system through a network service or via a downloaded file, disguised as legitimate software.
In the case of WannaCry, the malware encrypted files using ciphers that allowed hackers to directly decrypt system files. To remove it, a decryptor was required. This decryptor costs hundreds of dollars in bitcoins (the digital payment system) in order to make it work.
Media companies are weak and vulnerable
If you work in media (and you’ve read this far) and you are still wondering why this is all relevant to you, let’s explain.
Cybercrime is on the rise and there is every chance your company could be affected next.
In the eight months that followed its inception in October 2016, the UK’s National Cyber Security Centre (NCSC) recorded 480 major cyber incidents that required its attention.
The majority of those incidents, 451, were what is referred to as level 3 attacks ie those that are typically confined to single organisations. At the time of writing, there have been no level 1 national cyber security incidents, that being the highest ranking for crimes of this nature.
The latter is great news but the former illustrates just how vulnerable individual companies are. And few are more vulnerable than media companies.
Media companies are particularly susceptible because many keep all, or a major chunk, of their data assets in just one location, despite warnings to the contrary.
But there are solutions
Valuable data should always be backed-up in at least one, preferably two, places.
This is because the best defence against ransomware is an efficient backup and disaster recovery plan. It won’t make an attack completely painless but it will allow a company to restore its data and systems.
Backing up important data should be done on a daily basis so, if your company is attacked, you won’t have to pay to get your data back. It’s pretty simple really.
Unfortunately, malware can now locate online and offline backups and can even encrypt or delete those backup files. However secure, cloud-based backups can fall victim to ransomware too.
One potential solution is to ensure that your data – either the local version or its backup or both – cannot be overwritten or deleted. This is where WORM (write once, read many) becomes crucial.
The WORM has turned
WORM is a data storage technology that allows information to be written once and prevents the drive from erasing that data.
Additional data can be added until the capacity is full but any recorded data cannot be deleted or overwritten. The written data housed on the storage medium can be read as many times as desired.
One purpose of WORM is to allow big financial and legal organisations to meet regulatory retention requirements but it also extremely useful when it comes to archiving and, importantly, when dealing with the consequences cybercrime and IT systems failure. Both of these things are particularly relevant for media companies.
A brief history of WORM
The earliest forms of WORM storage were punched cards and paper tape, both of which were used in computers up until the 1970s.
WORM storage took on a new form in the 1980s, using a 12-inch (30cm) disk in acartridge, with an ablative optical layer.
IBM gave the WORM concept its approval by announcing its first product in April 1987: the 3363 Optical WORM drive.
The first WORM compact disc (CD-R) was introduced in 1990.
Read-only Memory (ROM), found on all PCs since the 1980s, is a type of WORM storage.
The early 2000s saw the introduction of magnetic WORM devices.
In 2017, the choice of WORM storage now extends to the cloud and virtual storage with many of the big players now offering WORM services.
Types of WORM
There are several storage formats that can be WORM including hard disk drives (HDD), tape drives, cloud and virtual storage and optical disc.
Optical disc archives use multi-layer Blu-ray technology and blue laser to record and store data for near-line, offline or archive. Optical has a long life span, can cope with most environmental conditions (dirt, heat, vibrations etc) and is familiar to many through its consumer manifestations. Optical disc is more expensive than other options but, in return, it is more reliable, more durable and has longevity on its side: the latest generation of disc has a potential lifespan of 100 years.
HDD is a good option for short-term information storage as data can be accessed quickly and easily and the drives are freely available and inexpensive. There are various WORM software applications that can deliver high-performance disk-based data permanence for HDD. But the drives are renowned for being prone to failure.
Tape drives are commonly used to backup data as they have a high capacity, offer fast access and are highly portable. Like optical discs, they are also more reliable than HDD. However, tape is extremely sensitive to storage conditions and must be migrated regularly in order to maintain the integrity of the saved data. This can be an expensive and time-consuming process.
Cloud storage with WORM capabilities is infinitely scalable, is paid for as an operating expense (subscription) rather than as capital expenditure and is cheap in the short-term. But it can prove expensive as a long-term storage medium. Having a third party look after vital data still causes concern among some companies too, although the ability to lock a storage vault and Service Level Agreements do provide some reassurance.
Use cases for WORM
Business Continuity is the process of keeping a business going during a failure or disaster. It requires systems and processes to be in place that allow data to be accessible, despite what has occurred, with little to no downtime. Having data saved on a WORM basis is a huge help for Business Continuity
Disaster Recovery is the subset of Business Continuity that is concerned with saving data so that it can be recovered in the event of a major problem. A WORM library stored in a completely different location from the original data will allow this to happen.
WORM is ideal for historical storage, especially for footage masters that must be kept in perpetuity. Using optical disc archives that are WORM can also be useful as a back-up for other production footage and because of its random access, could be used as extended nearline storage within post-production.
The money shot
Importantly, WORM can potentially save you money.
The National Cyber Security Centre’s ‘Cyber Security Breaches Survey’, published in April, revealed that nearly seven in ten large businesses identified a breach or attack in 2016. The average cost to those businesses over that period was £20,000 but in some cases it reached millions of pounds.
Small businesses can also be hit particularly hard by attacks, the survey revealed, with nearly one in five taking a day or more to recover from their most disruptive breach.
Of all businesses that came under attack, just fewer than 25% had a temporary loss of files, 20% had software or systems corrupted and 10% lost access to third party systems. A further 10% had their website taken down or slowed.
Put simply, falling victim to a cyber attack costs money, not just in lost business and reduced workforce productivity but also in real-terms as it can cost many thousands of pounds to reinstate systems, processes and lost data. And you might even have to pay a ransom to get your data back, as was the case with WannaCry.
Having data that is impossible to delete – backed-up in several places – removes a good deal of that exposure, therefore saving you money. WORM makes that possible and while it may not solve all IT security issues, it can certainly reduce the pain of cyber crime.
Who can save planet Earth from digital demons? Super WORM! OK, so it’s not the best sci-fi film plot ever devised but it sure beats the disaster movie scenario that media companies might otherwise face.
About Sony Professional Solutions Europe
Sony Professional Solutions exists to unleash the incredible power of images. Helping customers tell stories, springboard change, connect emotionally, stimulate learning and activate potential is at the heart of our vision.
With a winning combination of technology and creativity Sony partners with businesses across a wide variety of sectors including Media and Broadcast, Theatre, Healthcare, Sports and Corporate and Education markets to deliver innovative and transformational customer solutions.
Operating with over 30 years’ experience and a trusted network of established technology partners Sony has a wide portfolio of product and services propositions provides true value to businesses and informs, educates, entertains and inspires their customers
About Object Matrix
Object Matrix provides digital content governance and object storage platforms. The company was built on the philosophy that archive systems should be scalable and interoperable, as well as ensuring instant access to data and metadata. Its flagship product, MatrixStore, is an integrated object storage software solution providing protection and governance for the lifetime of any digital content. It’s used by global organisations that create, curate, and distribute video content, including NBC Universal, TV Globo, the BBC and BT.
Object Matrix is comprised of a team of storage industry experts with a shared vision for high levels of data security combined with intuitive user interfaces. In addition to providing solutions and product integrations for the storage, search and retrieval of media assets, Object Matrix also provides consultancy, training, systems integration, and ongoing support services.