We Are Publicly Discussing our Experience of Being Attacked by Ransomware: Here’s Why It’s Important

Reading time for this article .
Subscribe to the Spectra Blog >

Spectra is going to break an unspoken rule: “What happens in your data center, stays in your data center.” Organizations are notoriously secretive about what happens in their data centers. This is understandable. Data drives the operations of most organizations, and is sometimes considered the secret sauce of operations, possibly a competitive advantage. Likewise, discussing the exact means of data protection would possibly give the bad guys insight into vulnerabilities to be exploited. And if nothing else, it’s sometimes hard to shine a light on something that cost your organization time and money.

When you write an article or blog on something you’re trying to prevent, it’s easy to get a bit lofty. Phrases like “best practices” or “top five things to do…” often put forward strategies that seem promising but sometimes lose sight of the fact that there aren’t a lot of guarantees in life no matter what you do. This is especially true when what you’re trying to do is prevent data loss in your data center.

Writing about something that actually happened to your organization takes on a different tone. For instance, our organization was recently hit by a ransomware attack. Spectra Logic is a data storage manufacturer whose solutions are used as part of a good defense against ransomware attacks. Needless to say, we’ve written a lot about this topic – that’s nothing new to us – but this is the first time we’ve been attacked by ransomware on a large scale… and we’re talking about it.

Spectra has always maintained that the concept of “genetic diversity” in storage mediums will go a long way in preventing data loss. We’ve even written a book on the topic. Using disk, tape and some form of off-site/offline facility for storage provides three different approaches that each have specific strengths and vulnerabilities.

The above paragraph starts to sound like a best practices piece, doesn’t it? If it was, the next handful of paragraphs would be filled with hope and promise of a better, more secure environment for what is arguably your most valuable asset: your data. I can’t stop myself. It’s hard not to sound that way when writing about how to use technology to protect against disaster. The focus is all about the protection part, often with no mention of what happens after all the protection part has been put in place and now actually needs to be used.

If ransomware makes it into your organization, and based on recent statistics, there’s a good chance it may someday, there’s no easy way out. Well, there are several ways out, they’re just not easy. Downtime and added expense are guaranteed, even in the best scenario.

There’s the old adage of “We learn more from our mistakes than we do from our successes.” Spectra deems the conversation of what happened during and after our ransomware attack as not only appropriate, but important.  It’s important because it shines a light on areas we don’t always discuss – one of which was put in place by our legal department that most of us weren’t even aware of.  Important because the fail-safes we put in place worked for the most part, and we want to share that. Important because there are changes we will be making, and we want to share those as well.

An article was recently published in StorageNewsletter on the experience and Spectra will be holding a webinar with the Senior Director of IT to further discuss and share what happened and how it was handled. We hope you’ll join us.