NetApp Leverages AI to Make File System Ransomware Resistant
NetApp today revealed it has embedded artificial intelligence capabilities within its ONTAP file system capable of identifying ransomware threats in real time. NetApp has been using AI to detect ransomware attacks for the past three years, but is now embedding that capability directly into its ONTAP file system.
In addition, NetApp is previewing a control plane, dubbed NetApp BlueXP Ransomware Protection, to streamline the management of a response to a ransomware attack while at the same time updating its platform for managing snapshots to provide tighter integration with capabilities such as SNAPLock and SnapMirror that are embedded within ONTAP.
Finally, a NetApp BlueXP Disaster Recovery offering for VMware environments is now also generally available and the company has extended the company’s ransomware recovery guarantee to the NetApp Keystone storage-as-a-service platform. If files can’t be recovered, NetApp will compensate customers based on terms and conditions previously negotiated.
Phil Brotherton, vice president of solutions for NetApp, said collectively, these capabilities will improve cybersecurity resiliency across both primary and secondary storage systems running the ONTAP file system in an on-premises or cloud computing environment.
The overall goal is to make organizations’ core IT platforms better able to thwart ransomware attacks in a way that reduces the tooling that might otherwise be required, he noted.
It’s not clear to what degree organizations are replacing legacy IT platforms with ones that are designed to better thwart cyberattacks. Still, as more IT teams assume responsibility for security operations (SecOps), there is a greater appreciation for an issue that historically cybersecurity teams have been left on their own to resolve. The challenge is the platforms cybersecurity teams are held accountable to secure were developed in an era that often pre-dates the rise of ransomware threats that are now a pervasive problem. While the cost of replacing legacy platforms can be substantial, the risks associated with a ransomware attack have reached a level that for many organizations replacing platforms has become a more viable financial option.
The simple truth is that a more layered approach to security that includes modern platforms is now required because it is relatively simple for ransomware attacks to bypass a corporate firewall, noted Brotherton.
Each organization will naturally need to determine what level of risk is acceptable based on the potential impact any given cybersecurity threat represents. Still, as IT platforms continue to evolve, cybersecurity professionals are going to naturally migrate to organizations willing to invest in modern IT platforms that are more secure. Many of the issues that understaffed and overworked cybersecurity teams address today can be traced back to fundamental flaws in legacy platforms that cybercriminals have become adept at exploiting.
One way or another, it’s only a matter of time before most organizations are going to be required to modernize their IT environments to combat those potential threats. The only issue that remains to be resolved is determining how much potential damage an organization is willing to potentially absorb before making those investments.
