Counter ransomware attacks to prevent data loss and downtime

Secure your data and restore quickly and simply with HPE data protection solutions

+ show more

Ransomware attacks are on the rise

Ransomware dominates the world of IT security and is vastly different from today’s traditional viruses and malware.

Managed by well-funded criminal organizations with squads of full-time developers, ransomware has become a lucrative business for many.


The following statistics heighten the need for a solution that counters ransomware attacks:  1


  • Hackers attack every 39 seconds or an average of 2,244 times a day.
  • 85% of ransomware attacks target Windows systems.
  • 51% of businesses have been impacted by ransomware in the last year.
  • 50% of IT professionals don’t believe that their organization is ready to defend against a ransomware attack.


Companies that become victims of these attacks suffer financially after paying the ransom itself, losing valuable IT time, and experiencing downtime of mission-critical applications. Furthermore, damage to company brand is inevitable after high-profile attacks, leading to loss of customer base and market share.


Data backup stores that are not isolated from the operating system are equally vulnerable to ransomware attacks. Lack of encryption invites malicious access to these stores. When restoring data from backups, fast recovery is critical in order to prevent negative business impact. In addition, any solution that blocks ransomware attacks must coexist with existing data protection technologies such as backup and recovery software, as well as backup appliances.


Data isolation effectively protects the data, but efficient data management requires additional technologies. Implementing the 3-2-1-1 data retention recommendation is critical. This practice involves creating at least three copies of data (one primary copy and two backups), storing two copies on at least two different types of media (for example, disk and tape), keeping at least one copy off-site and one copy offline.


The HPE data protection solution includes HPE StoreOnce Catalyst, HPE RMC, HPE Cloud Volumes Backup, HPE Cloud Bank Storage, and HPE StoreEver Tape Storage. This solution secures your data from ransomware attacks while facilitating fast restores should the need arise—with the simple management of your data protection ecosystem.

  • Increase data security

    HPE StoreOnce Catalyst effectively isolates critical data so attackers cannot access it without resorting to direct physical interactions.

    Even in instances where physical destruction is achieved at a single location, federated HPE StoreOnce Catalyst stores protect mission-critical data by effectively isolating the data from traditional lines of communication and command sets leveraged by ransomware attackers. The HPE StoreOnce Catalyst store is hidden from attackers behind an application programming interface (API) that enhances and simplifies the process of backing up and deduplicating data. This makes it practically impossible for ransomware to attack backup stores directly.


Figure 1. HPE solution overview for data protection against ransomware

  • Deliver on service-level agreements
    Flash-enabled applications can take advantage of crash-consistent snapshots and backups with HPE RMC for the right data to be available for recovery at the right time.

    The HPE StoreOnce Catalyst store is the destination target for mission-critical data backed up by HPE RMC.


    HPE RMC delivers efficient backup and recovery of data by using multiple block-based streams and sending only changed data blocks to HPE StoreOnce. Quick restores of data volumes enable meeting aggressive RPOs and RTOs after a ransomware attack.

  • Reduce data protection complexity

    The HPE data protection solution integrates with existing native application data protection tools and third-party backup and recovery software, enabling simple management with the HPE Management Console (SSMC).

    The integration between HPE RMC and HPE Primera provides HPE Primera administrators the ability to set up the HPE RMC protection policies through the HPE SSMC GUI. The protection policies typically involve taking crash-consistent snapshots on the array. These policies can optionally include the ability to set up Express Protect backups to HPE StoreOnce and set up Catalyst Copies to a secondary HPE StoreOnce system. HPE RMC also allows restores from snapshots and backups or copies from within HPE SSMC.
  • Store and retrieve data in the cloud

    HPE Cloud Bank Storage for HPE StoreOnce lets you leverage the economics, agility, and flexibility of the cloud for modernized data protection. You can natively, securely, and cost-effectively move backup data to the public, private, or hybrid cloud—providing long-term retention and reliable disaster recovery that is simple and efficient.

    The solution sends, stores, and retrieves only unique data for lower total cost of investment (TCO). It is also highly scalable, enabling the protection and retention of more than 100 PB  2 of backup data in your cloud of choice at one-tenth of a cent per month. In addition, it supports a broad ecosystem, cloud-enabling a wide variety of backup apps.


    HPE Cloud Volumes Backup delivers a simple, efficient, and flexible way to store backup data in the cloud. It’s a completely cloud-native backup storage target that enables seamless backup to the cloud—directly from any storage array or backup ISV—without changing existing data protection workflows. Backups can be restored on-premises or in the cloud. HPE Cloud Volumes Backup helps eliminate complexity by eliminating costs of backup infrastructure management while ensuring rapid and safe data recovery. Consumption-based pricing and ultra-efficient data mobility across any hybrid cloud helps optimize costs while transformation of backup data into a business asset reveals new business insights.

  • Guarantee an uncompromised copy for recovery

    Cybercrime, including ransomware, significantly challenges data protection across many organizations and recovery processes. Connected backup and recovery is not enough to counter the evolving threat and to reduce network exposure.

    By using HPE StoreEver LTO technology, it is possible to create an “air gap”, a physical security barrier that prevents hackers and cybercriminals from being able to access the data remotely. If any of the primary systems and backups are encrypted during a cyberattack, a clean copy of data that has been kept fully offline is available. HPE StoreEver tape systems deliver isolated recovery capabilities at scale and hyperscale, at an ultra-low cost per GB. Tape technology continues to be in strong demand as a scalable and secure method to protect and retain essential archive data across longer periods. The ESG solution showcase Leveraging Tape to Combat Ransomware with HPE StoreEver highlights how tape storage can be used effectively to combat ransomware.
  • Leverage the expertise of HPE Pointnext Services
    HPE Pointnext Services offers workshops and assessments that can help you identify and mitigate your risk by putting the right security and privacy controls in place, from user access through data protection for backup and continuity requirements.

    HPE Pointnext Services provides the following services:


    • Advisory Services allow you to envision and define a road map for future success.
    • Consumption-based IT with HPE GreenLake delivers unique pay-per-use solutions for your top workloads—Big Data, backup, database platform, SAP HANA®, and edge computing.
    • Operational services offer new ways of delivering IT by managing and helping optimize workloads, resources, and capacity, both on-premises and in the cloud.
Download the PDF

Windows is either a registered trademark or trademark of Microsoft Corporation in the United States and/or other countries. SAP HANA is a trademark or registered trademark of SAP SE (or an SAP affiliate company) in Germany and other countries. All third-party marks are property of their respective owners.

  • 1 2020 Ransomware Statistics That You Need to See, July 2020.  
  • 2 Assuming dedupe ratio of 20:1 and the maximum logical capacity of HPE StoreOnce 6600 of 34 PB. 
2020 Ransomware Statistics That You Need to See, July 2020.  
Assuming dedupe ratio of 20:1 and the maximum logical capacity of HPE StoreOnce 6600 of 34 PB.