Maximize the power of your lines of defense against cyber-attacks with IBM Storage FlashSystem and IBM Storage Defender

Today,
cybercrime
is
good
business.
It
exists
because
the
profits
are
high
while
the
risks
are
low.
Far
from
stopping,
cybercrime
is
constantly
increasing.
In
2023,
the
FBI
received
a
record
number
of
880,418
complaints
with
potential
losses
exceeding
USD
12.5
billion.
This
is
a
nearly
10%
increase
in
complaints
and

22%
increase
in
losses
compared
to
2022.

According
to
the
2024

IBM®
X-Force®
Threat
Intelligence
Index,
ransomware
has
become
the
most
common
attack
observed
globally
in
the
past
four
years.
Knowing
the
havoc
caused
by
ransomware,
organizations
invest
in
creating
lines
of
defense
against
this
threat,
so
it
is
not
surprising
that
today,
cybersecurity
is
the
number
one
expense
in
business
technology.

When
a
cyberattack
strikes,
the
ransomware
code
gathers
information
about
target
networks
and
key
resources
such
as
databases,
critical
files,
snapshots
and
backups.
Showing
minimal
activity,
the
threat
can
remain
dormant
for
weeks
or
months,
infecting
hourly
and
daily
snapshots
and
monthly
full
backups.
Once
the
ransomware
has
collected
all
the
information
it
needs,
it
begins
the
actual
attack,
encrypting
and
making
critical
files
and
databases
unusable.
File
encryption
is
fast
and
the
attack
can
cripple
critical
business
data
in
a
matter
of
minutes.

Take
data
resilience
to
the
next
level

Fortunately,
ransomware
attacks
can
be
detected
and
several
lines
of
defense
can
be
built
in
advance
to
contain
and
control
the
threat.
To
help
organizations
face
the
different
variants
and
strategies
used
to
perpetrate
an
attack,

IBM
provides
end-to-end
data
resilience
solutions
to
efficiently
defend
organizations
from
ransomware
and
other
malware
attacks.

IBM
Storage
FlashSystem
provides
storage
protection
based
on
immutable
copies
of
data
logically
isolated
from
production
environments.
These
Safeguarded
Copies
cannot
be
modified
or
deleted
through
user
errors,
malicious
actions
or
ransomware
attacks.
IBM
Storage
FlashSystem
also
offers
inline
data
corruption
detection
through
its
new
Flash
Core
Modules
4
(FCM4),
which
continuously
monitors
statistics
gathered
from
every
single
I/O
using
machine
learning
models
to
early
detect
anomalies
at
block
level.

For
its
part,

IBM
Storage
Defender
is
a
purpose-built
end-to-end
solution
that
significantly
simplifies
and
orchestrates
business
recovery
processes
through
a
unified
view
of
data
protection
and
cyber
resilience
status
across
the
hybrid
cloud
with
seamless
integration
into
security
dashboards.
It
deploys
AI-powered
sensors
to
rapidly
detect
anomalies
in
virtual
machines
(VMs),
file
systems,
databases
and
other
applications
hosted
in
Linux
VMs.

Better
together

These
IBM
Storage
solutions
are
a
flagship
in
the
cyber
resilience
industry.
Both
have
capabilities
that
complement
each
other,
and
working
together
can
substantially
improve
the
overall
capacity
for
early
threat
detection,
data
protection
and
fast
recovery.
The
way
they
interact
in
a
coordinated
manner
is
explained
below:

To
improve
threat
detection,
IBM
Storage
Defender
combines
its
software
sensors
with
the
inline
data
corruption
detection
(IDCD)
that
comes
from
the
IBM
FlashSystem
Flash
Core
Modules.
This
dual
source
provides
more
data
to
the
Machine
Learning
models,
reducing
false
positives
and
producing
more
accurate
results.

Additionally,
IBM
Storage
Defender
can
help
clients
restore
production
systems
more
quickly,
identifying
the
most
recent
trusted
copy
and
its
location.
These
protected
copies
can
be
in
primary
storage
or
traditional
backups.
If
the
copy
is
presented
on
primary
storage,
the
client
can
use
the
value
of
that
system
to
restore
operations
in
minutes
rather
than
wait
for
restoration
over
the
network.

As
an
additional
layer
of
protection,
workloads
can
be
restored
in
an
isolated
“Clean
Room”
environment
to
be
analyzed
and
validated
before
being
recovered
to
production
systems.
This
verification
allows
clients
to
know
with
certainty
that
the
data
is
clean
and
business
operations
can
be
safely
reestablished.
Clean
Room
environments
can
be
configured
through
seamless
integration
with
partner
solutions.

Business
benefits

The
coordinated
interaction
between
IBM
Storage
Defender
and
IBM
Storage
FlashSystem
improves
the
lines
of
defense
to
fight
ransomware
more
efficiently,
delivering
the
following
benefits:

• A
  unified
  and
  clear
  view
  of
  the
  overall
  data
  resilience
  status
  across
  primary
  and
  auxilliary
  storage.
• Automated
  creation
  of
  Safeguarded
  Copies
  logically
  isolated
  from
  production
  environments
  that
  cannot
  be
  modified
  or
  deleted
  during
  ransomware
  attacks.
• Ransomware
  detection
  at
  block
  level
  in
  
  60
  seconds
  or
  less.
• Detailed
  information
  about
  validated
  Safeguarded
  Copies
  and
  their
  location,
  so
  they
  can
  be
  used
  as
  a
  trusted
  source
  of
  data
  to
  recover
  business
  operations
  quickly.
• Ability
  to
  restore
  a
  Safeguarded
  Copy
  within
  
  60
  seconds
  or
  less.
• Clean
  room
  environment
  to
  verify
  that
  workloads
  can
  be
  safely
  restored
  to
  production.
• Alerts
  to
  Security
  Operations
  Center
  (SOC)
  and
  other
  incident
  teams
  to
  help
  coordinate
  the
  execution
  of
  recovery
  plans.

Today,
only
IBM
can
provide
end-to-end
data
resilience
across
the
entire
hybrid
cloud.
IBM
continues
its
commitment
to
further
improve
the
synergy
capabilities
between
IBM
Storage
Defender
and
IBM
Storage
FlashSystem,
delivering
the
best
solutions
in
the
industry
to
maximize
business
continuity
despite
ransomware
attacks
and
other
data
loss
risks.

Monitor,
protect,
detect,
and
recover
across
primary
and
secondary
storage