“Ransomware was largely unheard of years ago, but today it's a household name - everyone knows someone or some organization which has been infected. The future guarantees that more menacing ransomware variants will take center stage wreaking havoc in our homes and places of business. When ransomware exploits bypass perimeter cyber defenses you have only to rely on your predictive analytic cyber defenses to protect you, else I hope you have stable and secure backup to fall back on!” he said.
It is thought that with predictive analytics, it brings the technology more into a savior category then a staple. It elevates the ability of the technology to detect changes in data, which points to outbreak of ransomware and then allows the IT administrator to refer back to the last legitimate backup point.
Predictive analytics is a necessity because the malware of tomorrow is unknown and will surely evolve to our detriment. When traditional cyber defense technology is rendered ineffective or human error is at play, predictive analytic cyber defense technology becomes the last line of defense for an organization. The majority of cyber defenses in an organization is built around signature-based models of "known" malware, whereas predictive analytics is built around the "unknown", establishing a pattern of life within the organization and protecting them from malware and other abnormal activity as well.
Paul Brady, CEO of Unitrends, said, by infusing predictive analytics into Unitrends' backup and business continuity solutions, the company enables customers to detect ransomware as the last line of defense. "Through predictive analytics and machine learning against backup data patterns, organizations of any size can not only detect ransomware before it wreaks havoc on their data, but also revert back to the last legitimate backup point to decrease down time," he said.
Unitrends explained the process: As backups occur, the software processes data regularly. Even without knowing the detailed contents of your files, metrics are collected, analyzed and stored for future decision making. These metrics include ingest patterns, change rates, growth rates, and more. The backup system is able to use machine learning over time to recognize that certain data anomalies are indicative of a ransomware attack. When the right conditions occur, the administrator is alerted immediately.
Ransomware is at the top of the list
Robert Huber, chief security and strategy officer at Eastwind Networks, said ransomware is at the top of the list of priorities for many CISOs and CIOs. Given the cost of an infection via loss of data, or the cost to reclaim your data it makes sense.
“A great method to aid in detection, and more importantly prevention, is the use of predictive analytics, or machine learning. Unfortunately, the compute to perform machine learning at scale has historically been slow and expensive making it mostly reactive. This had been compounded by the difficulty in deploying and managing such as solution,” he said.
Sign up for CIO Asia eNewsletters.