Ransomware has a specific profile, and it’s one that this company monitored for using Visual One Intelligence’s visibility tools. Otherwise, they wouldn’t have noticed this potential case of ransomware.
Ransomware is Hard to See – Until It’s Too Late
Ransomware cyberattacks are on the rise, with thousands of companies being targeted each year. According to reporting from the FBI, ransomware attacks rose by 62 percent between 2019 and 2020 – making them the fastest-growing cybercrime threat for businesses.
These threats are hard to detect. Too often, companies are blindsided and discover they are under attack when it is too late to defend themselves.
Visual One Intelligence™ Monitored for Four Early Warning Signs
Because they use Visual One Intelligence™ for storage visibility, the company received an email alert notifying them that two early warning signs of potential ransomware were detected.
Ransomware typically follows a pattern of growth visible within storage data:
New data showed a sudden workload spike (isolated to a few LUNs) that was remaining high without explanation – the first three warning signs of ransomware.
The company was unaware of this activity and did not know what was causing the spike. As a result, they opened an immediate investigation thanks to Visual One Intelligence’s alert.
Improved Security & Awareness
Fortunately, the investigation revealed the source of the workload spike to be the result of a software installation error.
However, they were alarmed to learn that they would not have noticed the warning signs under their internal monitoring processes. As a result, relying on Visual One Intelligence’s monitoring became a significant part of their storage and security strategy.