If you have any centralised data storage or computer resource, like network attached storage (NAS), you should be very concerned indeed about CyberCrime.
You can’t have failed to miss the WannaCry Ransomware cyber-attack that has hit 150 countries, 1000’s of computers and brought several hospitals in the UK to a halt (cancelled operations being amongst the issues). The temptation reading about the attack is simply to think, “I keep my computers up to date so it couldn’t happen to me.” Or, “my critical data is on a NAS device so I don’t overly care if a PC gets compromised”. Think again.
Cybercrime is on the rise and sooner or later we will all come under attack. Some attacks are generic, like WannaCry, but other attacks are highly targeted. And, whether we are in large companies like Sony Pictures with their well-publicised issues (https://en.wikipedia.org/wiki/Sony_Pictures_hack or a small company like my own that had emails going from the CEO to the CFO asking for bank transfers to be carried out (they were of course fraudulent) we are all potential targets.
And here is a big issue: Media Production companies are particularly vulnerable because many of them keep all, or a significant portion, of their information assets in very few places. This is especially true where access is via unsecure protocols and procedures.
Take this scenario. Your storage provider was running a great deal for you if you just buy one huge NAS device. Not minding the future, you decided to consolidate the bulk of your information onto that single solution. A hacker compromises a PC with access to the NAS / SAN and that PC happens to have access to a large number of files. It could be a disgruntled employee, or a kid in a bedroom 2,000 miles away, but now the hacker runs an encrypt or destroy app. It doesn’t need to take long. A targeted application doesn’t need to encrypt every byte – just enough to make the files it touches unreadable. And to therefore lock them. Just for added measure it encrypts the well-known metadata controller of your storage device. And, now it destroys itself. Getting an unencrypt key is nigh-impossible. Hey presto. Your millions of dollars of assets are now under ransom, but for just one of those millions you might get an unlock key. If you are “lucky”.
I’m sure there are worse scenarios, but if you believe that this type of attack won’t happen in the future then you are wrong. Look at Sony. It won’t be a one-off. It’s already happening now to other media production companies.
But strategies to defeat this type of hack are possible. Firstly, disaster recovery systems, replication, and back-up are key to being able to getting data back if this occurs. But a deep and clever hack attack may target those systems as well. Care must be taken not to backup or replicate the hacked data. Another challenge is that as a large media producer handling potentially Petabytes of data, backing up everything is sometimes…, well let’s say “asynchronous”. That is to say a subset of the data might not yet be backed up.
Another strategy is to keep your data behind a firewall. A very strong firewall. And then to only let out copies of data that are for (e.g.,) media editing, checking back in edited versions. This is the strategy promoted by object storage when it sits behind an object storage API.
Speaking to Francisco Ontoso, CTO of Object Matrix who provide MatrixStore an object storage solution for the media industries, he stated: