Ransomware Fears REDLab

Cyber Resiliency & Ransomware September 05, 2023

Fight Ransomware with Veritas REDLab 

The Veritas REDLab team conducts rigorous experiments to affirm the reliability of our solutions. Overflowing with insights that render it indispensable to digital security, REDLab enables us to strengthen our “secure by default” protocol. These proactive measures help us ensure the safety of organizations like yours. 

We bolster our formidable defenses with the help of experienced cybersecurity experts. Their hands-on experience equips us with in-depth knowledge about infrastructure, applications, ransomware identification, and debugging techniques. These efforts draw further strength from machine learning (ML) extensions designed to offer additional protection and ensure your data remains free from harm. 

How We Design Protection 

Our priority is providing data security and intelligent, automated solutions to protect and manage your data. We use REDLab findings to continuously enhance our secure-by-default approach by integrating new security features aligned to guidelines from the U.S. National Institute of Standards and Technology (NIST). These include using air-gap techniques to ensure backups remain undamaged and storing immutable data protected by an internally controlled, proprietary compliance clock. Highlights include: 

  • Hardened Secure Flex is a NetBackup appliance stack purpose-built for security. It includes proprietary policies that conform to Security Technical Implementation Guides. This best practice aligns with NIST standards.  

  • Mandatory access control ensures that only authorized users can access the appliance. The intrinsic intrusion-detection and protection services protect the appliance from unauthorized access and attacks. 

  • SIEM/SOAR functionality provides an audit trail of important user and system actions that you can use to investigate anomalies and incidents.  

  • NetBackup appliances are designed with a Zero Trust framework at the core. NetBackup services will not communicate with each other without authentication and proper authorization.

  • Flex Lockdown Mode prevents unauthorized access or modification of the operating system. Even fully credentialed administrators can only access or modify the operating system by first disabling lockdown mode. Hosting immutable storage requires lockdown mode, although you can enable it independently without immutable storage. 

  • NetBackup protects modern infrastructures from a single console, whether they’re on-premises, hybrid cloud, multi-cloud, virtual, or any modern workload from any place.

How We Design Detection

Improving the security of data can reduce risk and demonstrate greater regulatory compliance. Veritas offers AI-powered anomaly detection on primary and backup data. Event-triggered malware scanning can identify and prevent cyberattacks before they cause damage. Together, these detection capabilities form a comprehensive set of features to proactively safeguard your data from a variety of threats. For example:  

  • Ensure that backups are free of malware. Integrated malware scanning provides automated and on-demand scans for protected backups with built-in and bring-your-own software options.

  • Identify potential attacks before they cause damage. AI-powered anomaly detection looks for unusual data across the entire environment and alerts you to suspicious anomalies in near real-time.  

  • Locate and prioritize areas where data is most at risk. NetBackup IT Analytics provides a ransomware risk-assessment dashboard out of the box, using predictive analytics to identify potential risks within a backup environment.

  • Protect data from unauthorized access. Implement secure access controls like role-based access, single sign-on, and customizable authentication.  

  • Prevent malicious expiration of backup images. Image Expiry Anomaly Detection does real-time scans of the activity of users with elevated privileges. If someone tries to expire images unexpectedly, NetBackup triggers an alert to the SIEM/XDR. In addition, the IT Analytics suite bundles warnings and furnishes a detailed report.

How We Design Recovery 

Veritas offers comprehensive recovery measures to protect against the threat of ransomware. These measures protect your data whether it’s your entire data center, individual databases, or massive bulk recoveries. Restore individual databases and files or an entire data center in the cloud. You have the ability to recover your server elsewhere, at scale, or do orchestrated bulk recovery. 

Using an isolated recovery environment (IRE), you’ll have a secure copy of critical backup data. Administrators have a clean set of files on demand for recovery, which helps in the event of a ransomware attack. They can restore data without worrying whether malware is present. 

Disasters can cause immense disruption to businesses, especially if you lose critical systems like Active Directory. Veritas provides a reliable solution to restore a lost Active Directory. This is a critical ability if you depend upon it for authentication and authorization. Our NetBackup Resiliency Virtual Business Service salvages multi-tiered applications via a unified procedure, sparing you from tedious complexities while delivering unmatched resilience.

Our Commitment to You

REDLab is a comprehensive assessment environment we use to close vulnerability gaps by simulating real-world attacks on our own solutions. This is how we identify areas that malicious actors might exploit to insert malware into your systems. It is dynamic and continuously evolves with new threats so we can help you remain one step ahead. We purpose-build hardened and secure solutions so you can be more secure and compliant.

For more information, check out REDLab on the Veritas Trust Center.

Sonali Jeurkar
Director of SQA Engineering