Ransomware attacks lead to a state of emergency in many parts of USA

According to reports, on May 9, local time, the White House announced that Washington, DC, where the 17 eastern states and capitals of the United States are located, had entered a state of emergency in response to ransomware attacks.

The cause of this incident was that Colonial Pipeline, the largest oil product pipeline operator in the United States, suffered a cyber blackmail attack two days ago and was forced to temporarily suspend operations. The fuel net of the eastern coastal states of the United States was once paralyzed.

Colonial Pipeline was founded in 1962 and is the largest oil product pipeline operator in the United States. The total length of pipelines built on the east coast is about 8,850 kilometers, starting in Houston, ending in New York Harbor, and passing through Louisiana, Mississippi, Alabama, etc. 11 States need to transport more than 100 million gallons of gasoline, diesel and jet fuel every day to meet the needs of 50 million customers.

According to reports, the blackmail organization that attacked the Colonial Pipeline was the Russian blackmail group DarkSide that came out in August 2020. The gang not only has a media center to release attack messages, but also specific professionals to analyze the financial situation of the victimized company. It is a professional criminal gang that has caused headaches for major companies. In this attack, DarkSide not only infiltrated the operating system of the Colonial Pipeline and encrypted system files, but also downloaded nearly 100GB of important data as a threat, threatening to "destroy the supply of gasoline and diesel on the East Coast."

In recent years, countless companies have been attacked by ransomware. Some time ago, the computer giant Acer was attacked by the REvil ransomware virus. Threats raised the largest ransom so far: 50 million U.S. dollars. Corresponding ransomware also appeared in VMware virtual machines this year, and some VMware users have been ransomed...

Ransomware tends to come fiercely, but most companies are unable to counteract it. In the final analysis, it is the lack of efficient disaster recovery and backup solutions. As we all know, data backup and disaster recovery are the last line of defense for data security.

As a domestic professional cloud data center disaster recovery and backup solution provider, Vinchin can effectively respond to ransomware attacks:

1. Real-time monitoring to effectively prevent viruses from re-intruding

After installing the Vinchin Disaster Recovery System, the system can automatically check the legitimacy of the files. When the file type is modified or encrypted, it can be discovered in time, and the changed data will not be synchronized to the backup server, which can effectively prevent the re-invasion of ransomware.

2. Remote disaster recovery, dual protection of backup system

Vinchin provides a remote copy function, which supports the backup of a copy of the backup data to a remote backup system. When an accident occurs in the local production system, and the production data and the local backup data are lost at the same time, the copy backup data can be restored locally or remotely, and the recovery business operation can be started, effectively reducing the loss caused by the ransomware virus.

3. File and upload to the cloud, the third layer of data protection

Vinchin supports local archives or cloud archives of important user backup data, effectively manages data, and realizes long-term storage of data. After an accident occurs, data can be restored by restoring the archived data to the disaster recovery end. A variety of data backup methods for users to choose the most suitable solution.

Efficient disaster recovery and backup solutions are the most effective way to deal with ransomware attacks. Vinchin disaster recovery backup system supports virtual machine backup, recovery, instantaneous recovery, and migration of multiple heterogeneous virtualization platforms, effectively protecting the data security of the virtualized environment, and providing effective backup for the data center. In the current era of frequent blackmail incidents, in order to ensure data security and normal business operations, disaster recovery deployment needs to be put on the agenda as soon as possible.