Arpio Announces Industry-First Orchestrated Ransomware Recovery for Disaster Recovery in AWS
Ransomware in Focus
It seems that everyone is talking about ransomware these days, and it’s no surprise. Many high profile companies like MGM and Mr. Cooper (a large US-based mortgage servicer) have been recent victims. But they are not alone. 53% of surveyed CISOs report having been hit in the past year1, with 1,700 reported ransomware attacks on North American companies in the past year alone, up 40% in 20232, and an average payout of $850,000.3 The true costs, though, are much higher: downtime, lost revenue, lost data, and reputational damage.
Part of what makes these attacks so insidious is the increasingly common approach of attackers of infiltrating and then waiting months to reveal themselves. This pattern has introduced a concept called “dwell time:” the amount of time an attacker has been in your environment undetected. The possibility of long dwell times complicates recovery because you risk reinfecting your environment if malware has been present for months in your recovery environment
These concerns have been top of mind for me as I talk with customers. They wanted to know how we can help them better insulate from this increasing – and increasingly complex – threat. We’ve spent much of the past year considering what role DR can play, and how to enhance Arpio to support this need.
Introducing Ransomware Recovery with Arpio
Today I’m excited to formally announce Ransomware Recovery in Arpio, a new set of capabilities to make ransomware recovery fast and safe while reducing the technical skills required to perform the procedure. Ransomware Recovery will be included in our Enterprise product, and Arpio is the only automated disaster recovery provider to offer this capability.
In most scenarios Arpio will be able to reduce recovery times from weeks to hours. That can mean the difference between a temporary frustration and a long-term catastrophic business impact.
Our approach is similar to that we take with core Arpio: orchestrating native AWS capabilities with step-by-step guidance. AWS has a very powerful ransomware detection built into Amazon GuardDuty. Using orchestrated recovery, Arpio can invoke GuardDuty to isolate environments and scan for ransomware before recovering.
Our complete solution includes:
- Air-Gapped Immutable Back-up
- Infected System Quarantine with Automatic Malware Scanning
- Clean Room Recovery
Using these capabilities, in most instances infrastructure teams will be able to recover in under two hours, safely and confidently.
Where We’re Headed
Our mission is to make it easy for any organization to achieve world-class resilience for their cloud environments so they can operate with confidence. The Ransomware Recovery release for Arpio Enterprise is our latest step towards that objective. In 2024 we’ll be introducing new capabilities such as automated testing, improved reporting, and broader AWS service support.
If you’d like to learn more about our Ransomware Recovery features please reach out; we’d love to show you a personalized demo.
1AlertLogic: https://www.alertlogic.com/resources/industry-reports/ransomware-in-focus/
2Malwarebytes State of Ransomware 2023
3BlackFog State of Ransomware 2023: https://www.blackfog.com/the-state-of-ransomware-in-2023
