Your money or your data: why immutable data is key in the fight against ransomware

29th July 2019BlogTom Richards

Are you ready to get in touch?

Request a Call back

Targeted attacks on the rise

About this blog: Ransomware attacks are becoming increasingly targeted—and if an organisation’s defences fail, the costs can be enormous. Although many businesses may be tempted to focus their efforts on prevention, the uncomfortable truth is that in cyberspace, the attacker always has the advantage. To protect operations from the worst-case scenario, businesses must disarm the threat of ransomware attacks at the source: the data storage layer. With immutable data backups from Northdoor, organisations can ensure that data is protected, unchangeable and easy to restore in the event of a ransomware attack.


A ransomware attack can quickly turn into a company’s worst nightmare. Within minutes, infected devices can encrypt large amounts of vital business data. To recover their data, organisations are often coerced into paying hefty ransoms—typically via untraceable cryptocurrencies such as bitcoin. Although ransomware attacks have started to decline in frequency in 2019, they are becoming significantly more targeted. As a result, the average ransom has shot up from £5,375 in Q4 2018 to £10,400 in Q1 2019: an increase of 94 percent.

Even if organisations do decide to pay, restoring all affected data is far from guaranteed. The government of Lake City in Florida recently signed off on a $600,000 bitcoin payment to the hackers holding their systems hostage—but it is still unclear whether thousands of pages of digital documents can ever be recovered.

Preparing for the worst

How can organisations protect themselves against the threat of ransomware? For many businesses, the first instinct is to invest in defence. These strategies may include more advanced data protection systems and increased operational security training for employees. But in an internet-connected system, attackers always have the advantage—and enterprises should prepare for a worst-case scenario in which their defences fail and their systems are compromised.

When it comes to containing the destructive and disruptive impact of ransomware, the most important capability is a robust, resilient approach to data protection. In this respect, many of today’s best practices around data backup and disaster recovery offer little to no resistance against a ransomware attack. Continuous data replication to a secondary data centre, for example, is insufficient to protect against ransomware because it offers no straightforward wayto identify the point at which the infection began.

Running continuous backups means that it is possible for existing backed-up files to be overwritten by the encrypted versions—potentially leaving the business without a clean copy of data to restore from. This approach also introduces the risk of the ransomware software itself being backed up. In this scenario, even if the business can restore unencrypted data from an earlier backup, the encryption process may simply begin all over again.

Fighting back

In the fight against ransomware, there is one weapon that all future-facing organisations should have in their arsenal: immutable, unchangeable data.
By storing data backups in a write once, read many (WORM) format, businesses can ensure that it cannot be encrypted by attackers: allowing for fast, complete recovery and thereby disarming the ransomware threat.

By building on Compass from Cobalt Iron—itself based on industry-leading IBM Spectrum Protect technology—Northdoor has created a solution to protect organisations from the business risk of ransomware attacks. Using Compass’s Cyber Shield capability, Northdoor’s backup-as-a-service offering delivers WORM capabilities as standard.

By creating and securely isolating WORM copies of data at regular intervals, the Northdoor solution ensures that there is always an immutable, timely copy of data in addition to the continuous snapshots of the environment. The result? Rapid, straightforward and cost-effective data recovery if the worst-case scenario happens.

Disarming the threat  

Based on our deep expertise in information security, leading UK professional and financial services organisations trust Northdoor to protect their most important asset: their data. Through a single pane of glass, businesses of all sizes can use Northdoor’s backup-as-a-service offering to consolidate all their enterprise backup tasks and protect all their data, with WORM capabilities by default.

If your organisation wants to fight back against the ransomware threat, then Northdoor is ready to help.

To learn more, contact us about a free threat analysis.  We are offering a full threat-analysis exercise, covering all major aspects of IT security and data protection.

For more details, see our dedicated Threat-Analysis Exercise page.


Our Awards & Accreditations