Author: Rick Norgate

By Rick Norgate, Predatar Managing Director.

At Predatar, we understand that the heart of any product lies in solving real-world challenges for our customers. This belief steers our innovation roadmap, and it is your invaluable input that fuels our journey toward creating the most effective and cutting-edge solutions in cyber resilience. Today, we’re excited to unveil Predatar R13.1—an update that’s been shaped by listening closely to your needs and challenges. From deep malware scanning of legacy workloads to enhanced M365 alerting and the introduction of the PlayPen sandbox environment, every feature in R13.1 is a direct response to the needs you’ve expressed. Read on to discover how R13.1 empowers your organization to achieve unparalleled recovery assurance.

Deep Malware Scanning for Legacy Workloads with Predatar TimeMachine

Legacy systems can be the Achilles’ heel in your cybersecurity resilience plan, often escaping rigorous testing due to incompatibility issues. Predatar TimeMachine eliminates this gap by enabling effortless scans of virtual machines running on legacy operating systems or outdated EDR tools. These machines are moved seamlessly into our CleanRoom, where they undergo full recovery testing. Predatar then powers down the virtual machine and mounts all data for an offline scan, ensuring:

• Compatibility with Legacy Systems: Our approach ensures that you don’t have to leave older systems out of your resilience testing.
• Conflict Resolution: Avoid clashes with older Antivirus tools that could otherwise compromise your testing process.
• Enhanced Linux Support: Broaden your resilience testing by incorporating Linux machines into your recovery assurance plan.

Swift M365 Alerting for Instant Notifications

Alerting is often the first line of defence in a resilient cybersecurity architecture. The R13.1 update integrates with M365 to send real-time alerts for a variety of triggers such as failed recovery tests and malware detections. Immediate notifications are sent to your IT and SecOps teams, providing crucial advantages:

• Faster Response Times: The quicker your team is alerted, the faster they can act to mitigate risks.
• Enhanced Cybersecurity Resilience: Keep tabs on recoverability or data cleanliness issues as they happen, rather than discovering them after the fact.

Unleash Your Creativity with PlayPen

Innovation shouldn’t have to be a risky endeavour. R13.1 introduces PlayPen, a sandbox environment that lets you test new features and functions without affecting your live setup. Simply transition your live environment into PlayPen mode to perform:

• End-user Training: Use PlayPen as a safe training ground for your team.
• Cutting-Edge Experimentation: Try out new configurations and recovery methods safely.
• Rigorous Testing: Validate new features or disaster recovery plans before making them live, ensuring robust resilience.

PlayPen makes experimentation and testing as simple as a click, allowing you to revert to your live environment without saving changes once your experimentation is complete.

Conclusion

With the launch of R13.1, Predatar not only addresses some of the most critical challenges in data resilience but also opens the door to limitless possibilities. It’s not just an update; it’s a leap toward a future where recovery assurance is more robust, agile, and innovative than ever. Take the first step into this future by exploring Predatar R13.1.

Book a demo session or contact the Predatar team today!

In today’s increasingly interconnected world, cybersecurity remains a paramount concern. Ransomware, a form of malicious software that encrypts a victim’s data until a ransom is paid, continues to plague businesses and individuals alike. It’s crucial for organisations to rapidly detect and respond to these threats. Yet, with the barrage of alerts coming from security, backup and primary storage platform, how can you separate the real signals of cybercrime from the noise? Enter Artificial Intelligence (AI).

Why Combine Alerts Using AI?

1. Efficiency: Manually sifting through countless alerts from various platforms is tedious and error-prone. AI can process vast amounts of data in a fraction of the time, pinpointing potential threats swiftly.

1. Precision: AI can correlate disparate alerts and contextualize them. For instance, an anomaly in primary storage that aligns with a SIEM alert might be a significant threat. AI can recognise these patterns, thus reducing false positives and honing in on real threats.

1. Proactive Defense: By analysing patterns, AI can predict potential ransomware threats before they manifest, ensuring that defences are in place in advance.

Automated Recovery Assurance Tests and Malware Scans

After identifying the potential ransomware threat, the immediate next step is verification and containment. Here, AI can automate the process by:

1. Running Recovery Tests: Before a disaster strikes, it’s crucial to know if our backups and primary snapshots are sound. AI can take potential threat signals and use them to run recovery tests, ensuring that our backup and snapshot recovery mechanisms are robust and ready. This gives you the assurance that should the worst happen you will be able to recover.

1. Malware Scans in Isolation: Using the identified threats, AI can automate malware scans on both primary snapshots and backups. To ensure no further contamination, these scans are run in isolated sandbox environments which IBM and Predatar call a CleanRoom^TM.

Benefits of No Human Intervention

1. Speed: Every second counts in ransomware defense. Automated AI responses ensure immediate action.

1. 24/7 Coverage: Threats don’t stick to business hours. AI provides constant vigilance, ensuring no downtime in defence.

1. Consistency: Automated responses ensure that every alert is treated with the same rigor, reducing the scope of human error.

In conclusion, as ransomware threats evolve, our defense mechanisms must keep pace. The Predatar platform incorporates state of the art AI to streamline alert processing, threat identification, and response testing for IBM customers. The synergy of Predatar AI with both your IBM Defender and existing IBM data protection platforms will ensure a safer digital realm and boost recovery assurance for your organization.

To find out more about the exciting topic of AI and Cyber Threats. Our MD, Rick Norgate will be bringing this to life in session number 2592 ‘Ensuring Unparalleled Data Resiliency with Predatar & IBM Storage Defender’ at IBM TechXchange in Vegas between the 11th and 14th of September. You can register for the event here.

A recent ransomware attack on the large Danish cloud provider, CloudNordic, has resulted in catastrophic data loss for its customers. In a grim online notice, CloudNordic admitted that the ransomware attack rendered them entirely paralyzed. The aftermath? The majority of their customers should consider their data permanently lost. Such devastating events remind us of the growing audacity of cybercriminals and the vulnerabilities inherent in even the most trusted of IT setups.

The infiltration occurred in the early hours of August 18^th 2023. The criminals, in a calculated move, shut down CloudNordic’s systems, erasing both the company’s and its customers’ websites and email platforms. Efforts to restore the data proved futile, as both production data and backups were compromised. Though it might provide some solace, CloudNordic clarified that they found no evidence of any data exfiltration before the encryption. They speculated that the breach occurred while servers were transitioning between data centres. Some servers, pre-infected, were all linked to CloudNordic’s internal network during the transition, granting the hackers all-access.

Given this sobering incident, how can companies who use the cloud to store business data prevent falling prey to similar attacks?

1. Segregated Backup: CloudNordic’s transfer process inadvertently connected their servers to one internal network which then led to the breach. Ensure that different components of your IT environment (like production, backup, and administrative systems) all use isolated networks, separate access controls, and distinct cloud storage accounts. This will ensure backup data remains untouched even if production data is compromised in the cloud.

2. Multi-layered Backup Strategy: CloudNordic’s backups were compromised along with the production data. This can be avoided if companies follow the 3-2-1 rule: keep three copies of your data, on two different mediums, with one stored offsite. Moreover, offline or air-gapped backups can prevent ransomware from accessing and encrypting backup data.

3. Regular Security Audits & Recovery Assurance Testing: Using tools such as Predatar to deliver automated security checks across backup can identify vulnerabilities before they’re exploited. In addition continual automated restore testing and malware scanning provides assurance that, in the event of an attack, your organisation can efficiently restore from backups.

In conclusion, while CloudNordic is now offering a method for their clients to re-establish web and email servers (sans data), it’s a stark reminder that proactive measures are infinitely preferable to reactive solutions. In the rapidly evolving cyber landscape, relying solely on standard backups from a cloud provider can be perilous. Such backups, while convenient, often exist within the same ecosystem as primary data, making them vulnerable to the same threats. Cyberattacks, like ransomware, can simultaneously target both primary and backup data if they’re co-located. Additionally, cloud outages or provider-centric issues could jeopardise both datasets. For optimal security, diversified backup strategies, incorporating offsite and offline measures, are crucial. Simply put, a holistic approach to backups transcends mere convenience—it’s a necessity for robust data protection.

Book a demo here and find out how Predatar and IBM can help your business secure its cloud data.