EP05: What is Immutability and Why Do Ransomware Gangs Hate it?

Written by Hornetsecurity / 16.05.2023 /

You are currently viewing a placeholder content from Youtube. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

You are currently viewing a placeholder content from Libsyn. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

In today’s episode, we welcome Philip Galea, an esteemed expert in immutability and backups at Hornetscurity. With ransomware being one of the most pervasive issues in the industry today, immutability emerges as a powerful weapon against ransomware gangs.  

The term immutability is thrown around a lot in the cybersecurity community, but what does it mean, and why do ransomware gangs hate it?  This episode provides a fascinating insight into immutability and its vital role in the fight against ransomware. 

Timestamps:

4:25 – What is immutability?

9:34 – How ransomware drove the need for immutability

12:30 – Ransomware creation via ChatGPT

18:12 – Are there benefits and use cases for immutability outside of backup?

21:30 – How does immutability really work?

24:57 – What’s to stop a rogue admin from “Tinkering” with immutable storage?

Episode resources:

EP01: We used ChatGPT to Create Ransomware

MITRE ATT&CK DK

Hornetsecurity VM Backup

Immutability refers to the quality of being unchanging or unable to be modified. In the context of data backups, immutable backups are copies of data that cannot be altered or deleted by anyone, including the individuals who created them. This feature makes them highly resistant to manipulation or tampering.

Now, why do ransomware gangs harbor such disdain for immutable backups? The answer lies in their malicious intent and the disruptive nature of ransomware attacks. Ransomware is malicious software that infiltrates computer systems and encrypts valuable data, holding it hostage until a ransom is paid. It thrives on the ability to control and manipulate data, leaving victims with few options.

Immutable backups, however, pose a significant obstacle to these cyber criminals. By preserving data in a state that cannot be changed, even by the most sophisticated ransomware, immutable backups provide a failsafe against data loss. When a system is compromised, organizations can restore their data from these secure, unalterable backups, rendering the ransomware attack futile.

We strongly advise utilizing Hornetsecurity’s VM backup service, especially now with the introduction of the V9 feature. Employing VM Backup V9 significantly enhances data security, effectively shielding your data from deletion and unauthorized alterations.

You might also be interested in: