By Chris Kehoe, Head of Infrastructure Engineering, FUJIFILM Recording Media U.S.A., Inc.
Object storage has many benefits. Near-infinite capacity, combined with good metadata capabilities and low cost, has propelled it beyond its initial use cases of archiving and backup. More recently, it is being deployed as an aid to compute processing at the edge, in analytics, machine learning, disaster recovery, and regulatory compliance. However, one recent paper perhaps got a little over-enthusiastic in claiming that disk-based object storage provided an adequate safeguard against the threat of ransomware.
The basic idea proposed is that keeping multiple copies of object data protects against that kind of intrusion. If the object store suffers a ransomware incursion, the backup is there for recovery purposes. The flaw in this logic, however, is that any technology that is online cannot be considered immune to ransomware. Unless it is the work of an insider, any attempt at hacking must enter via online resources. Any digital file or asset that is online – whether it is stored in a NAS filer, a SAN array, or on object storage – is open to attack.
Keeping multiple copies of object storage is certainly a wise strategy and does offer a certain level of protection. But if those objects are online on disk, a persistent connection exists that can be compromised. Even in cases where spin-down disk is deployed, there still remains an automated electronic connection. As soon as a data request is made, therefore, the data is online and potentially exposed to the nefarious actions of cybercriminals.
Object storage, then, has many benefits. Its metadata renders it a simple matter to rapidly search through vast numbers of files – hence its growing usage in analytics. These capabilities also make object storage a good fit for the purposes of audits, compliance, and archiving. IT can easily determine the origin of the data, see if and when it has been altered from the original, set policy, maintain auditable files, and decide who can access, open, alter, and download data. What it isn’t, though, is an immutable and fully protected safe haven against ransomware.
Only an Air Gap Equals Real Ransomware Protection
With the volume of data breaches escalating and ransomware wreaking havoc on many fronts, the only sure way to safeguard data is via an air gap. What this means is that there is a physical gap between the data and the network. An air gap exists, for example, when tapes are removed from a tape library and stored on a shelf or sent to an external provider such as Iron Mountain. In the event of a disaster, cyberattack, or ransomware incursion, the data on those tapes will not be subject to malware or destruction.
The point is that physical tapes are easy to isolate from the network. Their portability produces air-gapped storage that is the only certain way to protect against ransomware attacks. Tape is not just the only enterprise-scale technology that can be easily managed in an offline air gap; it is now also available for object storage.
The Fujifilm Object Archive solution offers low-cost petabyte-scale storage. By leveraging the latest advances in tape technology and object storage, it becomes possible to automatically read and write to tape through S3-compatible API applications. Data is stored directly on tape in object format, just like object storage. Tapes can then be read efficiently by the S3 Glacier-compatible API.
Use cases for Fujifilm Object Archive include:
It is possible to achieve immutable object storage that is effectively protected against ransomware – but only with a tape air gap.