StorageCraft Technology Corporation
X

Cyber-criminals are smarter than ever, and 2018 promises to bring some of the most advanced attacks the world has seen. With an estimated cost of around $6 trillion per year attributed to cybercrime, it’s easy to see that digital crime is just as lucrative for criminals as it is damaging to businesses. Cybercrime isn’t going away, but you can do a lot to prepare for attacks by understanding new technologies criminals are employing to steal your data and money while destroying reputations along the way. Here are the four biggest threats to watch out for.

AI and Machine Learning-Based Attacks

AI and machine learning are two of the biggest buzzwords in technology today. Cybercriminals are beginning to harness these tools in a number of clever ways as well. According to Martin Giles in a piece for MIT Technology Review, “Machine-learning models can now match humans at the art of crafting convincing fake messages, and they can churn out far more of them without tiring. Hackers will take advantage of this to drive more phishing attacks. They’re also likely to use AI to help design malware that’s even better at fooling “sandboxes,” or security programs that try to spot rogue code before it is deployed in companies’ systems.”

McAfee’s annual threat prediction report also suggests that sophisticated attacks using AI and machine learning are likely to be some of the biggest threats we face. While these attacks are becoming more advanced, they still typically rely on classic phishing tactics, and you can prevent them by educating users about how to spot and avoid various online scams.

Ransomware

With threats like WannaCry and dozens of others, we’re permanently reminded of the damage ransomware causes, and the problem continues to grow. According to a report by McAfee, ransomware issues grew 56% in 2017. Trend Micro also lists ransomware as its number one cyber-threat for 2018, calling it the “land of milk and honey for cybercriminals.” Luckily, the cyber security world is beginning to catch up. Consumers are more scrupulous, fewer off-the-shelf ransomware is appearing, and law enforcement agencies are working to crack down on this type of cyber-fraud. But despite these efforts, the growth of ransomware is a clear indicator that we should stay vigilant. The best way to prevent ransomware (in addition to firewalls and anti-virus software), is to make sure you have rock-solid backups and recovery point objectives that are within your data loss tolerances.

Email Compromise Scams

As we noted in another piece about social engineering, email scams are becoming more innovative, and indeed, cybercriminals are stealing billions of dollars simply by sending spoofed emails that look quite convincing to the untrained eye. The FBI reports that business email compromise scams increased 2,370 (!) percent between January 2015 and December 2016. This adds up to $5 billion in domestic and international losses, with a total of 22,292 victims. Trend Micro predicts that this number will increase to closer to $9 billion in global losses this year.

One important thing to remember is that companies must create protocols for various types of transaction so a system of checks and balances within the organization can stop fraudulent transactions from going through. When it comes to phishing attacks through email, users should know how to spot spoofed emails, so they never open them by mistake.

Connected Device Attacks

According a report by Trend Micro, cybercriminals will likely spend more time attempting to abuse connected devices. Last year alone saw many distributed denial-of-service (DDoS) attacks that leveraged hundreds of hijacked Internet of things (IoT) devices. These attacks are likely to increase because they often allow hackers to create proxies and hide location data and web traffic, making it difficult for law enforcement to figure out where the attacks are coming from. Trend Micro also notes that many IoT devices take longer to patch, so vulnerabilities can remain unpatched for longer periods of time.

Other vulnerable devices include aerial drones, wireless home devices, and even bio-implants such as pacemakers. Trend Micro notes that many devices don’t have built-in security, which means users must take responsibility for their own security by ensuring that passwords are secure, and that device firmware is always up-to-date.

Conclusion

A single data breach can cost a company millions, but there are plenty of indirect costs too, including loss of reputation, a change in customer and investor perception, legal settlements, and more. While a specific dollar amount is difficult to calculate, it’s obvious that investing in technologies that prevent the latest attacks is the only wise move. When it comes to protecting data, and preventing various cyberattacks, the tools you buy can easily pay for themselves if they prevent even a single cyberattack.

View Comments

  • VMware Player is not a Type 1 hypervisor, and therefore does not have better performance than Virtualbox "because it runs directly on the hardware."

  • Yes, a span size of two means that each span is as small as possible. So a span size of two in RAID 100 means that you are actually getting RAID 10 without anything extra (it is the middle RAID 0 that is eliminated.) So the advice is good, basically you always want a span size of two if the option exists. Some controllers cannot handle a RAID 10 large enough to accommodate all attached drives and so larger spans are required. Typically this does not happen until you have at least ~18 drives or so.

  • The one question I have coming out of this results from the conversation that I believe possibly prompted this blog post, namely that in this thread on SpiceWorks:

    http://community.spiceworks.com/topic/548896-raid-10-2-spans-a-cautionary-tale-it-can-happen-to-you

    The recommendation/default for at least one DELL controller model was a span-size of 2, with comments referring to this being referred to as the optimal configuration for larger arrays. Is there any evidence to support this being the optimal configuration? Your blog post, and my (albeit limited) understanding of RAID would suggest that this advice is flawed. Then again, maybe I am misunderstanding something at a fundamental level?

    Furthermore, would there be any benefit to adding in multiple RAID-0 layers above the RAID-100 so that the member size of all arrays involved is kept as small as possible?

  • I like the article, to be honest I've seen many posts on newspapers, magazines and even blogs that praises the open-source as it without being put on glory or hell, just neutral

    I'll like to add some other software like Thunderbird (for email), Git (for developers) and maybe replace Notepad++ with Geany/Gedit/Kate (or the text editor of your preference, yours being the Notepad); otherwise I like your choices and those are apps that I use a lot, even if in my workplace they don't want to replace it

    • Hey Dom, depending on where you're located there are a number of ways you can dispose of VHS tapes. Most thrift shops will take them off your hands, assuming they're actual movies and not simply blank tapes. Another option is to use Greendisk (greendisk.com), which allows you to mail in your old VHS tapes for recycling. Beyond that, there may be some options specific to your location (there are waste recycling facilities that can handle this type of trash all over), a quick Google search might reveal some of them.

  • Hi there, I think your web site may be having internet browser compatibility problems.
    Whenever I look at your web site in Safari, it looks fine
    however when opening in I.E., it has some overlapping issues.
    I simply wanted to provide you with a quick heads up!
    Besides that, wonderful site!

    • Thanks for letting us know, we really appreciate it. Do you happen to know which version of IE you're using? I know that sometimes the older versions don't cooperate. I can't seem to reproduce the results you're seeing, but we're looking into it. Thanks again for bringing this to our attention.

  • I think you are missing the point entirely here. I have a home with 5 PCs all running same Windows OS version and same versions of Office. MOST of the file data on the machines are copies of same files on other machines: the Windows OS files and Office binaries. I want to backup full system snapshot images (not just photos and music) daily to a NAS on my LAN, or even a headless Windows machine acting as a NAS (like the old Windows Home Server product). I want the bandwidth savings of laptops backing up over wifi to notice that those windows files are already stored and not transmit them over wifi. I also want the total NAS storage of all combined backups reduced so that I can copy the NAS storage to either external drive for offsite storage, or more interesting up to the cloud for redundancy. ISP bandwidth caps, limited upstream bandwidth, and cloud storage annual cost per GB mean that deduplicated backup storage is essential. The cost of additional local storage is NOT the only consideration.

    I don't care about Windows Server's integrated deduplication. The deduplication has to be part of the backup system itself, especially if you are doing cluster or sector level deduplication, to avoid sending the duplicate data over the wire to the data storage in the first place.

    I've been looking at different backup solutions to replace Windows Home Server (a decade-old product that offered deduplication), and your product looked very interesting, but unfortunately the lack of built-in deduplication rules it out for me. I can only imagine how this affects 100-desktop customers when I wont't even consider it for 5-desktop home use.

    • Thank you for your comments. We appreciate all points of view on this topic.

      I agree that ISP bandwidth caps, limited upstream bandwidth, and cloud storage cost per GB show how critical it is to minimize data transmissions offsite. I also believe that much like modems and BETA video tapes, the bandwidth of today is giving way to higher access everywhere. For example, Google Fiber is now available to some of my peers at the office. Cellular LTE and satellite technologies are also increasing bandwidth for small business and home offices. At the same time, our data consumption and data creation is increasing at a rate that may outpace this increased supply of bandwidth. Either way, there are ways to work around data transmission limits.

      One way we help with data transmission over slower networks is we incorporate WAN acceleration and bandwidth scheduling technologies into our offsite replication tools. These allow you to not only get the most efficient use of available bandwidth but to also schedule your data replication during off-peak hours. Another way we help with data transmission is through compression. Deduplication is after all simply another form of data compression which reduces the near side (source) data before it is transmitted over the wire (target).

      In your case, you could use our product to store images on a local volume which has deduplication. You could then replicate data over the wire to offsite storage using ImageManager or some other tool. Many of our customers do this very thing.

      Keep in mind that the deduplication process has to occur at some point: either at the source or at the target. If you wanted to deduplicate your 5 PCs you would be best served with a BDR solution that can read each of those PCs, see the duplicate files on each, and avoid copying those files to storage. In this example, deduplication would occur on your BDR but you're still reading data from each PC over the wire to your BDR. In addition, your BDR would control the index for data stored on a separate volume or perhaps has the storage volume incorporated in the BDR. This creates a single point of failure because if your BDR crashes then the backup images for your 5 PCs wouldn't be recoverable and current backup processes cease.

      At StorageCraft we focus on the recovery. Our philosophy means that we take the smallest fastest backup images we can and then we give you ways to automatically test those images for reliability, compress them into daily/weekly/monthly files according to your retention policy, and replicate those images locally and offsite. This gives you a solid foundation from which to recover those images quickly to almost any new environment. I have yet to see a faster more reliable solution among our competitors.

      Cheers,
      Steven

  • Regarding Shadowprotect desktop:
    I am looking for the following capabilities
    1. Windows 8.1 compatability
    Everything I've examined says Win 8 but nothing about Win 8.1
    2. I want to be able to do the following on an ACER S-3:
    320gb hd with Win 8.1
    create an image of the 320gb drive.
    Install a 120gb drive in the ACER.
    Install the image to the 120gb drive.
    I am assuming that I can boot from the Shadowprotect
    CD, use an external usb connected dock with the 320gb
    image, and successfully install the image from the
    external dock to restore to the 120gb drive installed in the ACER.
    3. Does Shadowprotect take care of setting up the needed
    partition and format for the target drive (120gb in this case)

    I've looked at several of the alternatives to your product
    posing the same questions above and get vague or downright
    misleading answers to my items 1, 2 AND 3 above.

    If I purchase your product will I be able to do what I
    want as stated in items 1,2 and 3 above?

    I have done exactly what I described in items 1,2 and 3
    above for WIN 7 using a product called EZGIG II and am
    pleased with the results. I am looking for the same
    capability for Win 8.1.

    Please avise,
    Joe O'Loughlin

    • Hello Joe,

      Thank you for your questions. I'm sorry that other vendors have disappointed you with vague or misleading answers. Fortunately I have good news for you.

      1) Yes, we are compatible with Microsoft Windows 8.1 technology. The ShadowProtect ReadMe file contains information about version compatibility (near the bottom). Here's a link to the ReadMe file stating that we are compatible with Windows 8.1 and Windows 8.1 Enterprise.

      2) Yes, you can resize the image of a larger disk to fit on a smaller disk. This is typical of SSD upgrades where the less expensive and larger HDD is replaced with a smaller and faster SSD drive. Please keep in mind that we cannot shrink a partition past the data written on the volume. Here are some articles on shrinking disk volumes that you can read in our knowledgebase:

      Shrink volume size: Removing free space from an image.
       
      Alternative Methods to Shrinking volume size for your drives.
       
      Why can't ShadowProtect shrink the volume further?

      Also, I find that our StorageCraft CrossPlatform Recovery Environment tools seem to shrink a disk volume the best. If you purchase ShadowProtect I would recommend that you download the Recovery Environment and burn it to a USB key or CD/DVD to assist you in the process.

      3) Yes, ShadowProtect takes care of the needed partitioning and format for the target drive. Please keep in mind that if this is an SSD drive, these drives typically have a manufacturer's disk utility you should run to properly condition the drive first. When you run the Restore Wizard you will be able to see your target drive and properly format and initialize it within ShadowProtect.

      Lastly, you can download an evaluation copy of our software and test the first two of these three questions: namely Windows 8.1 compatibility and shrinking your disk volume. You will need to purchase a licensed copy of the software to be able to restore to new hardware, but once you do you'll have a reliable backup solution to continually protect your system and data. I use a continuous incremental backup on my work and home computers to ensure no matter what happens I will always be able to recover my important Windows systems and data.

      Cheers,
      Steven

  • Hi Steven
    at 6 august 2013 you wrote:
    " Another release will have the complete tools for backing up and recovering both Linux and Windows systems. I can tell you that this later release will be out before the end of the year."

    But now we are already in 2014.

    when we can have this "complete tools for backing up and recovering both Linux and Windows systems" ?

    Thanks

    • Hello Carlo,

      Yes, you have pointed out the travails of being both a Techie and a Marketer, namely predicting software release dates. We both know how fast technology changes these days. What with Microsoft updates, new hardware (and the associated drivers), the constant flow of Linux distros, and StorageCraft's penchant for getting everything perfectly aligned before a release and my job as a Technical Marketer job becomes nigh impossible. I apologize for getting the date wrong, and will post more information about the upcoming software release as soon as I get it.

      Thank you for keeping me honest.

      Cheers,
      Steven

    1 2 3 11