Ransomware has had a major impact on how IT organizations think about protecting data. Now Druva, a provider of data protection and management software delivered as a service, wants to make it a lot simpler for IT organizations to identify data that is being targeted by ransomware before things completely spin out of their control.
Today, Druva announced it is employing machine learning algorithms across its cloud service to continually assess the unique attributes of changes being made across various file types to make it easier to identify abnormal deletions, unusual modifications and updates, and an atypical number or large number of file creations.
Druva CEO Jaspreet Singh says all these events are symptomatic of events associated with ransomware attacks. In the event of such an attack, Singh says, Druva can now also pinpoint the last safest snapshot for an organization to recover.
Machine learning algorithms, Singh says, are only part of an overall approach to data protection that is rapidly evolving. Singh says Druva also plans to make use of deep learning technologies to optimize data protection processes.
“We want to be able to assess what we are learning and how to apply it,” says Singh.
By employing encryption technologies to essentially take data hostage, cybercriminals have elevated ransomware to new heights in malfeasance. At the same time, however, awareness of those attacks is elevating the conversation surrounding data protection. Right now, the only effective defense against ransomware is to be able to access a pristine copy of data before it became encrypted. That may still result in some data being lost, but not usually to the point where an organization feels compelled to pay ransom to regain access to its data.
The rise of ransomware clearly puts a lot more pressure on how IT organizations go about managing data. On the plus side, however, that also means a lot more research and development is now being applied to automating as much of that process as possible to enhance overall IT security.