Axcient AirGap Proves Tried and True at Protecting SMBs from Ransomware
Ransomware continues to be the fastest growing and most prevalent type of cybercrime, and yet, many Managed Service Providers (MSPs) continue to leave the door open for bad actors. As a 100% channel-focused solutions provider with the mission to cure data loss, Axcient is eliminating the fatal damages of ransomware. It’s impossible to stop hackers from hacking, but with Axcient AirGap, data is never lost.
Released in summer 2020, Axcient AirGap continues to prove its value through rigorous third-party testing and during disaster recovery. This fail-safe technology combats the biggest threat facing MSPs and your clients, but hey, don’t take our word for it…
Why is Axcient AirGap Awesome?
Axcient AirGap is your answer to today’s sophisticated, complex, often human-operated ransomware attacks. Hackers are going to hack, but you can stop a successful attack. Axcient AirGap is the ultimate last line of defense in a layered security approach. When endpoint protection fails, and firewall security is compromised – even after a hacker thinks they’ve deleted business-critical data and backup files – Axcient AirGap has your back.
Simply put, Axcient AirGap separates data deletion requests, from the actual mechanics of data deletion. Data can then only be deleted after passing through the safety archive after a period of time. Fake signals or ‘honeypots’ are embedded into the technology to trick hackers into believing they successfully deleted data. Attackers think the job is done, but the data is fully intact and available for near-instant recovery. The joke’s on them and you get the last laugh! Fully automatic, always-on, and instantly applied to all data in the cloud, Axcient AirGap is secure by design. As a built-in feature of x360Recover, Axcient’s business continuity and disaster recovery (BCDR) software, you never have to worry about ransomware again.
You may be thinking, “prove it,” so we did! Axcient enlisted the help of FRSecure, an independent information security management company, to conduct both automated and manual, internal penetration testing. The focus was to determine the level of effort required for a bad actor to overcome Axcient AirGap technology. In other words, if data is backed up with x360Recover, and Axcient AirGap, can it be deleted?
Axcient gave FRSecure VPN access to our data center to mimic a compromised developer system and a specific vault. No hosts were ‘out of scope’ so we could completely assess any vulnerabilities discovered. FRSecure’s objectives were as follows:
- Establish persistence and enumerate the network.
- Gain privileged access.
- Move laterally throughout the network to obtain administrative levels of access to the environment.
- Access sensitive data.
- Crack passwords.
- Permanently destroy backup data in an x360Recover vault.
So, what’s the answer to the question, if data is backed up with x360Recover, and Axcient AirGap, can it be deleted? …N.O. NO! Here’s what FRSecure reported in their findings:
- “FRSecure attempted to delete [a data system] from the management portal and it was successfully deleted. [Axcient AirGap] was able to restore a complete backup to the management portal and vault. FRSecure couldn’t fully destroy data from the air-gapped repository during this test.”
- “With access to the management portal, FRSecure took advantage of this to attempt to delete the [data system]. The system disappeared immediately, however; a restoration was completed from the [Axcient AirGap] backup.”
- “FRSecure then tried to delete [the data system] from the [x360Recover] vault and after 45 minutes the system was still available.”
Since launching Axcient AirGap in early 2020, Axcient has successfully used the technology to recover ‘lost’ data after advanced attacks. In one instance, a hacker sat silently within a system learning company behaviors and expanding privileges. On a Sunday, the hacker took advantage of most people’s day off, and crypto locked everything hoping for a quick getaway. At the same time, the attack also compromised our Axcient Partner at an administrative level, and crypto locked 10 of their clients.
What could have been a business-ending attack for our MSP Partner and all 10 of their clients, was a relatively unexciting, quick restore with no one even considering a ransom payment. Because our x360Recover partners and their clients have Axcient AirGap always on, Axcient simply wiped the systems and restored everyone’s data from their backups.
“As a long-time Axcient Partner, it is fantastic that Axcient listens to the Partner community and has strengthened their investment in BCDR technology. We upgraded to Axcient x360Recover without conversion or migration and are already benefiting from valuable features like Axcient AirGap. We’re very security conscious, so the Axcient AirGap feature is critical to our managed services offering.”
To get a full understanding of how recovery looks at Axcient, see a support ticket in real-time:
May 13th at 10:10 a.m. | Partner: “Someone penetrated our system last night and managed to delete protected systems in multiple appliances.”
May 13th at 10:31 am (20-minutes later) | Axcient: “Backups and protected servers on first appliance successfully recovered, we have 6 more to go.”
May 13th at 1:58 pm (4-hours later) | Axcient: “All protected systems on all appliances were successfully recovered. Root and admin passwords changed. Partner clients have ransomware; Partner will start recovery.”
May 15th at 3:26 pm (2-days later) | Axcient: “Kindly let me know if we can close this ticket.”
May 15th at3:32 pm | Partner: “Yes you can close it, thank you very much.”
Yeah, it’s not very exciting because not paying the ransom is pleasantly boring. With the right backups and protections in place, ransomware doesn’t have to be the business-ending news story we often see. You can recover quickly, quietly, and calmly while ensuring customers’ peace of mind and confidence in your services. Removing the industry’s largest threat is a pretty big deal, so check it out for yourself!
About the Author:
Liz Mellem // Technical Copywriter, Axcient
Liz Mellem has been a freelance copywriter for over three years in the technology, education, and alternative medicine industries. She produces content, sales collateral, and email marketing campaigns that contribute to digital marketing strategies for sales growth and brand awareness. In her free time, Liz enjoys reading, exploring Austin, and Netflix with her cat, Harlem.
More from our blog:
See how Axcient delivers peace of mind when AutoVerify completes a daily thorough assessment of all drives and data to ensure cloud and on-prem backups are available and useable, we dove into how chain-based backup works and why chain-free is the way to be, take a comprehensive look at Axcient’s robust, partner-driven dedicated support, marketing materials, and free on-demand training, our CEO David Bennett explains why the current cybersecurity landscape means traditional backup is dead, or learn how you can ditch pricey on-site appliances with Local Cache for Direct-to-Cloud BCDR.