Monthly Archives: September 2023

MGM Resorts Ransomware Attack: Disaster Recovery as a Malware Defense

This article was authored by me and posted on my company’s website. Please read the full article there.

MGM Resorts reported an active Ransomware incident starting on September 11th, and as of September 17th, it had not fully recovered. Rumors are that the company did not pay the ransom and is “recovering” its systems.

It makes you wonder, if a company like MGM Resorts, with all of its available resources, is struggling with a ransomware attack, what does that mean for the everyday company, not on its scale? After all, cyber criminals attack companies of all sizes.

I previously wrote about the concept of using the cloud to test and perfect your malware defenses. The main point is that the cloud could be a safe way to test your preventative measures in a live sandbox environment without the risk of actual contamination.

Why didn’t MGM switch to its Disaster Recovery (DR) system? You would think it would have a mirror of its production systems, and it could “switch over” in such events. Most DR systems are designed to switch over in minutes or hours, but not days or never. There are a few possibilities. One might be that its DR system was also impacted by the attack. The other is that its DR model likely did not include shared components essential to its overall operation, which seems unlikely.

Continue to the full article at this link.

The Rise of the Super Cloud and What it Means for Specialized Workloads

This article was authored by me and posted on my company’s website. Please read the full article there.

First came “the cloud,” and IT embraced and consumed it. For many companies, this evolved into hybrid-cloud due to business requirements such as meeting regulatory and data sovereignty requirements, leveraging paid-for on-premises technology investments, and addressing requirements for low latency, especially when communicating to legacy architectures.

Then came “multi-cloud,” as described by Vmware and others. Where “the cloud” usually means using the services of a single cloud provider, which most of us have done, “multi-cloud” describes using multiple cloud providers’ services in a heterogeneous way. More complex than the single cloud, multi-cloud is helpful for organizations needing to pick and choose services from various cloud vendors or requiring high-end redundancy. Today, 61% of businesses use one or two clouds and are considered to be “multi-cloud.” The drawback of multi-cloud is that each cloud operates in a more isolated operational model, and the customer has to integrate them. Concerns about specialized skill sets, greater complexity, and increased security concerns are often cited as the challenges of multi-cloud.

Continue to the full at this link.