Paul Lewis, who has been in cybersecurity his entire career, considers it a sad state of affairs that, somewhere along the way, businesses embraced a new best practice …
They dutifully pay their ransom to criminals.
Although it has been said in countless articles warning about the threat of hackers holding data hostage with encryption technologies for big payouts, it’s not always underscored or emphasized: Businesses have decided that paying up is the best choice for them when they’re hit with ransomware-style attacks.
They’re doing so regularly, Lewis said, even if they don’t like talking about it. And the idea that nobody should accept that negotiating with hackers comes with the territory in business today — that’s the maybe not-so-revolutionary notion he’d like to bring to the table.
His pitch — accompanied by a platform advertised as the first “data harbor” designed to eliminate the risk of ransomware attacks — garnered attention late last year at one of angel investor Mario Casabona’s TechLaunch BullPen events. The entrepreneur’s Clinton-based startup, Calamu, won that event.
The prize? Mentorship from the business accelerator TechLaunch. Calamu used that as it developed an automated data protection platform called Calamu Protect that’s just coming out of “stealth mode.” The resulting publicity also propelled them to a $2.4 million seed round raise.
And, after recently revealing the beta version of the security platform, Calamu’s leaders are planning to more thoroughly scale their business in June or July.
The winning solution? A way of fragmenting data files and scattering them across cloud systems — essentially, encrypting data and moving it around before the hackers can do that themselves.
Hackers have devised ways to circumvent other attempts at safeguards.
“When ransomware became a real problem, and you had businesses paying to get data back from their attackers several times, companies started backing up their data on cloud platforms frequently,” Lewis said. “The problem is, attackers got wise to that, and, when the malware landed on a system, they didn’t just say the ransom was for unlocking the data — but so that the sensitive data wasn’t released publicly. And they’d send a sample to show they were serious.”
Through a patented process, the local company is making it so any data stolen in these attacks is rendered useless to the attackers. Would-be data hostage-takers only access the platform’s encrypted fragments of data, with the real information being hidden across multiple cloud systems.
When all is said and done, a company can make its digital footprint whole again by reversing the encryption and scattering of data through an instant auto-healing process, Lewis said.
“And the idea is that you don’t have to go through a process of restoring from a backup, because you’ll be able to use built-in redundancies,” he said. “You just pick up as if nothing has happened with zero downtime.”
Downtime — not even to mention the cost of a ransomware hacker’s asking price — is one of the biggest hurdles to a victim of these attacks recovering after the fact.
“Regardless, it’s not at the top of every company’s mind,” he said. “You hear about it in the news all the time, and by some estimates, these attacks are growing 400% a year right now. But, until you’re attacked yourself, you don’t usually understand the severity.”
Even multinational corporations, Lewis added, don’t always understand the full extent of the problem. Or, if they do, they put all their energy into trying to prevent a breach in the first place.
Instead, Lewis’ time in cybersecurity has taught him that there can be value in accepting that preventing a breach entirely can be close to an impossibility and that it’s better to protect against the risks involved when one happens.
Some things in cybersecurity are a foregone conclusion, such as someone clicking a tainted, malware-infested internet link.
Lewis doesn’t want ransomware’s effectiveness to be one of those conclusions.
“We’re trying to make today’s business a safer place,” he said. “It’s a bold promise that we’re coming out with, but we believe it’s going to eventually become normal to make companies highly resilient — if not totally immune — to data breaches and ransomware attacks.”