Welcome to KubeCampus Course 13 – Defeating Ransomware with Kasten K10

Welcome to KubeCampus Course 13– Defeating Ransomware with Kasten K10

Welcome to this in-depth hands-on lab, where we delve into the pivotal role of immutable backups in ransomware protection, using Kasten K10 as our tool of choice.

In today’s digital landscape, ransomware attacks are becoming increasingly sophisticated and commonplace. Protecting our data and ensuring swift recovery in case of breaches are paramount. This is where the principles of immutable backups, which prevent any modifications after being written, come into play.

This lab is segmented into two parts:

Theory Quizzes: Begin your journey by testing your foundational knowledge on ransomware attacks, their impact, and the principles of immutable backups:

• Immutable Backups and Object-locking
• Compatibility with Immutable Backups
• Protection against Sophisticated Attacks
• Kasten K10’s Response to Attacks

Hands-on Challenges: Dive deep into the practical world where you’ll be:

• Installing and Configuring Kasten K10 and MinIO
• Set up MySQL and Establish a Sample Database
• Backup Policy Creation
• Simulate a Ransomware Attack and Analyzing Implications
• Recovering from a Worst-Case Scenario Attack using Kasten K10

Upon the completion of this lab, you will have a comprehensive understanding of how immutable backups work and their significance in ransomware protection. You’ll be equipped with the skills to configure Kasten K10 effectively, ensuring robust data backup and recovery mechanisms are in place for your infrastructure.

Important

• Please read all material referenced in any links provided in the lab.
• On multiple-choice questions, note that more than one answer may be correct.
• Please note this lab is timed and should be completed in one sitting.
• The lab will take about 45 minutes to 1 hour to complete, depending on your skill level.

Structure of the lab

Theory – Ransomware concepts

This section will cover terminology for ransomware Kasten K10. You will review material on-screen, then answer a challenge question. You must answer the questions correctly to proceed to the hands-on section.

During the theory section, we will cover the following topics:

• Immutable Backups
  • Immutable backups are backup datasets that cannot be modified, overwritten, or deleted until a pre-determined retention period expires. This ensures the integrity and reliability of backups, especially during scenarios where data might be maliciously altered or deleted such as a ransomware attack
• Object Locking in Data Protection
  • Object-locking is a mechanism that enforces immutability on stored objects. It prevents any form of alteration or deletion for a specified period, making it a vital feature for backup solutions aiming to safeguard against data tampering or deletion by malicious actors
• Importance in Data protection
  • With the rising threat of ransomware attacks, where data is encrypted and held ransom, having a backup that is both accessible and immutable becomes invaluable. Immutable backups ensure that, even if primary data is compromised, a reliable and untampered copy remains available for recovery. With the rising threat of ransomware attacks, where data is encrypted and held ransom, having a backup that is both accessible and immutable becomes invaluable. Immutable backups ensure that, even if primary data is compromised, a reliable and untampered copy remains available for recovery.
• Compatibility with Immutable backups
  • In the modern era of cybersecurity, safeguarding data has become increasingly paramount. Immutable backups provide a solution by ensuring that once data is written, it cannot be modified or deleted over a specific period of time. This guarantees the availability of data in the face of ransomware attacks, user errors, or other data corruption scenarios.
• Key concepts of Immutable backups
  • Immutable backups rely on several foundational principles:
    • Write Once, Read Many (WORM): Once the data is written, it can’t be altered or deleted until a pre-defined retention period expires.
    • Retention Policies: These determine the duration for which the backup data remains immutable.
    • Versioning: Enables multiple versions of files, ensuring that even if new data is backed up, older versions are still available and immutable.
  • Benefits of Immutable Backups
    • Immutable backups provide various advantages:
      • Protection against ransomware attacks, as attackers can’t encrypt or delete backup data.
      • Accidental deletions or changes can be recovered, ensuring data integrity.
      • Regulatory compliance, especially in industries where data retention is crucial.
    • Protection against Sophisticated attacks
      • In today’s evolving cyber threat landscape, protection against sophisticated attacks is crucial. Advanced attackers use multi-vector approaches, zero-day vulnerabilities, and persistent techniques that can bypass traditional security defenses.
      • Cybersecurity strategies now must anticipate these threats and provide multiple layers of defense to ensure data, infrastructure, and users remain safe

Hands-on Commands Section

In the hands-on section, we will focus on operationalizing our ransomware strategy and how Kasten K10 provides key backup and recovery for ransomware situations

The challenges in the hands-on section will cover the following:

Kasten K10’s response to attacks

• In a Kubernetes-based environment, understanding how tools like K10 respond to cyber threats is pivotal. K10, as a robust data management platform, offers not only backup and recovery solutions but can also potentially offer security features to safeguard data in the event of attacks.
• Ensuring continuous protection and quick recovery from attacks is paramount in such environments.
• While K10 primarily focuses on data management in Kubernetes, it may integrate or work alongside various security solutions. You will learn these key hands-on skills.
  • Creating Immutable Backups: Protects backup data from being altered, ensuring data integrity.
  • Creating commands for policy-driven data management: Allows configurations that ensure only authorized access and operations on the data.
  • Integrating with Security Tools: While not a security tool per se, K10 can integrate with Kubernetes-native security solutions for enhanced protection.
  • Successfully recovering from a ransomware attack scenario.

Is There Pre-work for the Course?

Yes. Be sure to read and study this blog post, watch the video showing the work to be performed, and view the accompanying slides that form part of each course.

How Do I Access Course 13?

Go to Kubecampus.io and navigate to the “Courses” tab to begin. All the best. Enjoy!

Note: Additional Learning To extend your learning experience, Kasten offers a variety of resources such as white papers, case studies, data sheets and eBooks on Kubernetes backup. Follow this link to explore those learning materials!