DEEP DATA OCEANS NEED DEEP DATA STORAGE.  LTO Media capacity hits a new shipment record of 152.9 EB in 2023!*

*Total tape capacity (compressed)

USING LTO-9 TAPE TECHNOLOGY, YOU CAN SECURELY STORE OVER 25 PB OF DATA

in a single data rack at a fraction of the cost and energy consumption of disk-based storage.

READ THE EYE OPENING REPORT BY SOLUTIONS NORTH CONSULTING

See how LTO Tape Technology helps both data economics and optimizing data value.

JOHN MONROE SHINES A BRIGHT LIGHT ON STORAGE MANAGEMENT

Click to read his illuminating report on Storage Management in an Age of Minimal Data Deletion.

A NEW ROADMAP FOR A NEW DATAVERSE

LTO technology now extends to 14 generations.
The future arrives today.

BLOGBYTES

Expert opinions, information and comment from the LTO Program.

Low cost. Security from ransomware. Flexible expansion capability. Only LTO technology.

Latest Headlines

May 13, 2024
Boeing Confirms LockBit Hackers Demanded $200 Million Ransom After 2023 Data Breach
Aerospace giant Boeing has confirmed that the LockBit ransomware gang demanded a staggering $200 million extortion payment after breaching the company’s network and stealing sensitive data in October 2023.In early November, the notorious Russia-linked cybercrime group published approximately 43 gigabytes of data allegedly stolen from Boeing’s IT systems, including backups of management software configurations, monitoring logs, and auditing tools. LockBit initially posted a 4GB sample of the stolen data in December, threatening to leak more if Boeing did not “cooperate.” The hackers dumped the full trove online when the company refused to engage.While 43GB represents a significant volume of information, some cybersecurity experts believe it may not reflect the full extent of data exfiltrated from Boeing’s network.“If they only got 43 GB of data from Boeing they obviously didn’t get very far into the Boeing network,” one researcher noted. “That’s barely a couple of lightly utilized laptop backups, or maybe one satellite office’s design data.”Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackersIn a statement, Boeing acknowledged Cyberscoop that “elements of our parts and distribution business” were impacted by the incident but asserted that it posed no threat to aircraft or flight safety. The company declined to comment further, citing an ongoing investigation in coordination with law enforcement.The $200 million ransom demand, one of the largest publicly known extortion attempts to date, was revealed in a U.S. Department of Justice indictment unsealed this week. Authorities identified a Russian national, Dmitry Yuryevich Khoroshev, as the mastermind behind the LockBit operation, which has reaped over $500 million from victims worldwide since emerging in late 2019.LockBit’s attack on Boeing, one of the world’s largest aerospace and defense contractors, underscores ransomware’s growing threat to even the most well-resourced organizations. “If multibillion-dollar companies cannot secure their networks, what chance do cash-strapped school districts have?” said Emsisoft threat analyst Brett Callow. “Governments really do need to rethink their counter-ransomware strategies.”On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free
May 13, 2024
Cyber security focus: Ransomware attacks is a prominent threat for maritime - safety4sea
Cybersecurity in the maritime industry is becoming increasingly crucial as vessels, ports, and supply chains embrace digitalization. With the integration of IoT (Internet of Things) devices, automation, and interconnected systems, the sector faces a growing threat landscape that includes risks such as data breaches, ransomware attacks, and sabotage attempts.According to European Union Agency for cyber security, this shift is accompanied by a notable rise in cyberattacks targeting critical maritime infrastructure like ports and shipping firms, underscoring the necessity for enhanced focus and action on maritime cybersecurity.The report utilizes the ENISA Cybersecurity Threat Landscape Methodology, analyzing a total of 98 publicly reported incidents during the specified timeframe. Data collection primarily focuses on EU member states and extends to global incidents impacting the EU. Major incidents were identified through open-source intelligence (OSINT) and cyber threat intelligence capabilities.ENISA highlights that during the period of January 2021 to October 2022, the prime threats identified include:ransomware attacks (38%): a type of attack where threat actors take control of a target’s assets and demand a ransom in exchange for the return of the asset’s availabilitydata related threats (30%): Sources of data are being targeted with the aim of unauthorised access and disclosure and manipulating data to interfere with the behaviour of systems.malware (17%): Malware is an overarching term used to describe any software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality, integrity or availability of a system.denial-of-service (DoS), distributed denial-of-service (DDoS) and ransom denial-of-service (RDoS) attacks (16%): Availability is the target of a plethora of threats and attacks, among which DDoS stands out. DDoS attacks target system and data availability and, though not a new threat, have a significant role in the cybersecurity threat landscape of the transport sector.phishing / spear phishing (10%): Social engineering encompasses a broad range of activities that attempt to exploit a human error or human behaviour with the objective of gaining access to information or services.supply-chain attacks (10%): A supply-chain attack targets the relationship between organisations and their suppliers.During the reporting period, the threat actors with the biggest impact on the sector were state-sponsored actors, cybercriminals and hacktivists. We observed the following trends:Ransomware attacks became the prominent threat against the sector in 2022. Ransomware has been steadily increasing and the transport sector has been affected similarly to the other sectors.Cybercriminals are responsible for the majority of attacks on the transport sector (54%), and they target all subsectors.Threat actors will increasingly conduct ransomware attacks with not only monetary motivations.The increased hacktivist activity targeting the transport sector is likely to continue.The increasing rate of DDoS attacks targeting the transport sector is likely to continue.The main targets of DDoS attacks by hacktivists are European airports, railways and transport authorities.During this reporting period, we did not receive reliable information on a cyberattack affecting the safety of transport.The majority of attacks on the transport sector target information technology (IT) systems. Operational disruptions can occur as a consequence of these attacks, but the operational technology (OT) systems are rarely being targeted.Ransomware groups will likely target and disrupt OT operations in the foreseeable future.According to the report, in 2022, ransomware attacks emerged as the primary threat to the sector, surpassing the data-related threats that dominated in 2021. Nevertheless, ransomware groups are still seen as opportunistic and not specifically targeting the transport sector more than others. Recent trends suggest no notable increase in ransomware attacks targeting transportation compared to other sectors. Ransomware incidents have been on the rise overall, affecting the transport sector in line with other industries.Credit: ENISAKey challenges to manage cyber security According to DNV, effectively managing cybersecurity in the dynamic and intricate energy sector is far from simple. The sector is experiencing significant digitalization, innovation, and shifts toward cleaner energy sources amid changing global demand and the impacts of conflict in Europe, which are influencing global energy prices and distribution patterns.#1 The ‘wait and see’ effect is holding back progress: Six in 10 C-suite respondents acknowledge, for example, that their organization is more vulnerable to attack than ever before, but far fewer (44%) expect to make urgent improvements in the next few years to prevent an attack.#2 The air gap is closing fast: When considering the risk of a cyber-attack on their industrial control systems, energy businesses have taken some comfort from the knowledge that their OT platforms have traditionally had an ‘air gap’ insulating them from the IT network.#3 A global shortage of expertise: In an unfolding cyber incident, where hackers have infiltrated the network and need to be contained, every second counts. It’s therefore concerning that just 31% of respondents assert confidently that they know exactly what to do if they became concerned about a potential cyber risk or unfolding attack.#4 Complex supply chains disguise critical vulnerabilities: Supply chains in the energy sector are global in scale and increasingly complex, relying on third and fourth parties whose cyber security systems and processes are harder to assess with certainty. Consequently, cyber security across the supply chain is an area in hich respondents are less confident than they need to be to protect their critical systems and data.Where we stand The issuance of the Navigation and Vessel Inspection Circular (NVIC) by the US Coast Guard (USCG) in March 2024 underscores the critical importance of cybersecurity in the maritime sector. With cyber incidents such as ransomware attacks, data breaches, and IT disruptions becoming the primary concern for companies globally, as highlighted in the Allianz Risk Barometer 2024, the maritime industry is not immune to these threats.As the maritime sector increasingly relies on digital technologies for navigation, communication, and operational efficiency, it becomes more vulnerable to cyber threats. A breach in cybersecurity could not only disrupt operations but also compromise the safety and security of vessels, crew, and cargo.Moreover, in the broader context outlined in the Global Risks Report, rapid technological change presents both opportunities and challenges. While advancements in technology enhance efficiency and connectivity, they also introduce new vulnerabilities and risks. Economic uncertainty, exacerbated by factors such as geopolitical tensions and climate change, further complicates the landscape.In conclusion, the transport sector faces an evolving cyber threat landscape characterized by ransomware’s increasing prominence and hacktivists’ use of DDoS attacks for geopolitical motives. As cyber threats become more complex and targeted, proactive cybersecurity measures and collaboration between transport stakeholders and cybersecurity professionals are imperative to mitigate risks and ensure the resilience of critical transportation infrastructure.
May 13, 2024
Healthcare System Ascension Confirms Ransomware Attack - Williamson Source
On May 8, one of the largest private healthcare systems, Ascension, detected unusual activity in their network systems, which was later determined caused by a ransomware attack.Systems that are currently unavailable include the electronic health records systems and various systems utilized to order certain tests, procedures and medications. Ascension hospitals and facilities remain open and are providing care. However, due to downtime procedures, several hospitals are currently on diversion for emergency medical services in order to ensure emergency cases are triaged immediately.An Ascension spokesperson released the latest update on May 11:“We continue to diligently investigate and address the recent ransomware incident, working closely with industry leading cybersecurity experts to assist in our investigation and restoration and recovery efforts. Additionally, we have notified law enforcement, as well as government partners including the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the American Hospital Association (AHA). We remain in close contact with the FBI and CISA, and we are sharing relevant threat intelligence with the Health Information Sharing and Analysis Center (H-ISAC) so that our industry partners and peers can take steps to protect themselves from similar incidents.While our restoration work continues in earnest, our focus is on restoring systems as safely as possible. While we expect this process will take time to complete, we are making progress and systems are being restored in a coordinated manner at each of our care sites. We will continue to share updates on our recovery process.”This is an ongoing situation.Please join our FREE Newsletter This article is a press release provided to the media for distribution.
May 13, 2024
Hackers Exploiting MS-SQL Severs To Deploy Mallox Ransomware - Cyber Security News
Information such as financial records, customer information, and intellectual property that may be sold on the black web markets is what MS-SQL servers commonly store. In addition, a hacked MS-SQL server can present an entry point into the organization’s network, from where ransomware can be deployed or other malicious activities can be carried out. Due to weak passwords, unpatched vulnerabilities, and misconfigurations in MS-SQL installations, threat actors using automated scanning and exploitation tools find them appealing.Recently, cybersecurity researchers at Sekoi discovered that hackers have been actively exploiting the MS-SQL servers to deploy Malloz ransomware.Technical AnalysisAn MS-SQL honeypot deployed on April 15th was swiftly compromised via brute-force attacking the weak “sa” account from XHost Internet Solution IPs, around 320 attempts per minute.Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackersPost-intrusion, the attackers leveraged MS-SQL exploits to deploy Mallox ransomware using PureCrypter. Investigating Mallox samples revealed two affiliate groups – one exploiting vulnerabilities, the other conducting broader system compromises.On April 15th at 2:17 pm, exploitation attempts began on the tampered MS-SQL honeypot from AS208091 IPs only hours after the initial “sa” account breach.When analyzing the logged attacker actions, two different recurring exploitation schemes were revealed. These schemes were likely executed using scripts or tools.By examining IoCs and TTPs, it was found that 19 out of many attempts identified a pair of separate patterns corresponding to one and the same intrusion set.Mallox deployment flow (Source – Sekoia)The MS-SQL exploitation attempts deployed payloads corresponding to PureCrypter, which downloaded files with random multimedia extensions containing encrypted .NET libraries. These libraries were Reflectively loaded, decrypting, and executing the next stage of PureCrypter payload that finally loaded the Mallox ransomware from its resources. PureCrypter employs evasion techniques like environment detection, privilege adjustments, and deflating or decrypting embedded resources. When PureCrypter failed, the attacker attempted direct Mallox deployment. PureCrypter uses protobuf definitions to store the encrypted Mallox executable under a randomized name like “Ydxhjxwf.exe”.Mallox is a notorious ransomware-as-a-service (RaaS) operation that distributes multiple variants of the Mallox ransomware, also known as Fargo, TargetCompany, etc. It accelerated attacks in late 2022 using double extortion, becoming one of the most distributed ransomware families in early 2023. Mallox operators exploit vulnerabilities in MS-SQL servers, brute-force weak credentials, and leverage phishing for initial access. Operated likely by former tier ransomware group members, Mallox transitioned to a RaaS model in mid-2022 with personas like “Mallx” and “RansomR” recruiting Russian-speaking affiliates on forums like RAMP. By mid-2022, the Mallox ransomware learned to use the double extortion technique of data exfiltration and publicizing stolen data. It then shifted to specialized negotiation sites on TOR and used a triple extortion strategy, reads the report.In 2022-2023, Mallox soiled its hands by heavily impacting Asian victims in various fields such as manufacturing and retail, despite claiming to avoid attacking Eastern Europe.Affected countries (Source – Sekoia)The website for releasing dumped information contained over 35 victims’ names. An analysis showed that MS-SQL gaps were exploited by “maestro” among the employees of Mallox during the initial compromise.On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free
April 05, 2024
7 reasons why LTO won't die - Preferred Media
Magnetic tape was first used to record computer data way back in 1951. If you see the tape decks that feature in ‘computers’ in vintage movies, it’s hard to believe the medium is still around… let alone at the cutting edge of data storage. In fact, magnetic tape is thriving with strong sales of LTO Ultrium, the current de facto standard.Just like vintage fashions that won’t die (mom jeans, dad sneakers, bum bags anyone?) LTO might seem daggy and basic at first glance. It doesn’t have the shiny new excitement of cloud or other more marketable storage offerings. But it is very popular in the Australian production industry and with us. LTO is hard to beat as a long-term archive medium and here’s why:1.    LifespanLTO boasts an impressive 15 to 30-year lifespan. In comparison, HDDs are more volatile with a higher failure rate and a life expectancy of around 5 years.But buyer beware. The 30-year prediction only applies to tapes stored in a clean, controlled environment. With both temperature and humidity regulation. The ideal environmental conditions for LTO storage are 18°C and 40% relative humidity. (Luckily for us, we already have a custom-built film and tape vault).This is one of the reasons studios and networks list LTO as a deliverable. Also one reason it’s favoured by insurance companies.2.    It’s open formatLTO stands for Linear Tape-Open. ‘Open’ refers to ‘open standards’. That means that the tech is available for license by multiple vendors. LTO was developed by Certance (now Quantum), Hewlett Packard Enterprise, and IBM in the late 1990s. They created LTO to compete with existing proprietary formats of digital tape. The three companies form the LTO Consortium and they work together to manage the medium, certification and licensing.With multiple sources of media and drives, the format has resilience. Obsolescence doesn’t hinge on the success or failure of one manufacturer. Competition keeps prices in check. And affordable media is popular media, which is less likely to become an entry in the Museum of Obsolete Media.3.    There’s a roadmapWouldn’t it be great if you could see exactly what storage options will be available in 10 years’ time? Especially if you are pondering the capex outlay required for an LTO setup. Well, you can get a decent idea with the LTO Roadmap.The LTO Consortium publish a roadmap with predicted specs for future generations of tape, to provide certainty.Media format obsolescence is inevitable, but a roadmap makes it manageable. LTO drives are also mandated to be backwards compatible to at least one generation.Recent research shows that 330TB capacity cartridges are a real possibility. So the roadmap is not just wishful thinking.4.    The lowest error rateAll digital storage media are subject to error, but LTO is reportedly four orders of magnitude better than disk.5.    It’s secure tooOne of the beauties of tape, particularly as an archive medium, is its removability. Not a sexy quality at all. But very useful. It means that tape is portable, cartridges are easily stored offline or transported offsite. And storing tapes offline is a sure way to thwart sophisticated cyberattacks like ransomware. Ransomware attacks have more than doubled this year. As we saw from the attack on WPP in 2017, the threat is real. Especially for creative companies who not only rely on data for day-to-day operations but also create value in IP.Storing tapes offline also preserves files against glitches and accidental deletion. And LTO can be encrypted on-the-fly. In fact, IBM are developing protections against attack from computers that don’t even exist yet.6.    CapacityVideo files are only getting larger. So it’s handy that the current generation of tape is capable of storing up to 1600 HD movies per cartridge.Unfortunately, video files also don’t compress well. So the reported potential capacity of 30TB compressed doesn’t mean much to us. But 12TB per cartridge native for LTO-8 is not to be sniffed at.7.    Cost-effectiveAll the reliability and capacity in the world would mean nothing if LTO wasn’t affordable. That might sound miserly. But content creatives and audiovisual archives are facing the reality of growing data sizes every day. Technology marches on. Better cameras and more of them, higher shoot ratios, and higher resolution files. All multiplied across a growing archive of content… Add downward pressure on budgets and the bottom-line looms large.Individual tapes are cheap especially when compared to disk. But there are many factors to consider when calculating cost. It’s important to consider the total cost of ownership of a tape storage system:There is a large capex outlay to start. You will need hardware, software and media.You need people to manage the tape drives/libraries.Unlike disk, tapes are energy efficient because you don’t need to keep them kept powered up.On the other hand, air-conditioning and humidity regulation will add to the expense.But the cost per GB drops the more data you archive.LTO works for us because we already have the experts, the climate-controlled vault (with a solar installation), and the data volume. So happily we can pass those cost savings on to our clients.Other considerationsTape is far from dead – but there are some things to watch out for.What about speed?Tape doesn’t have the fast access speeds of HDDs or SSDs for retrieval. It is linear by nature and that is both its strength (allows for capacity) and its weakness (slower to access).But speed is not a deal breaker. We mostly use LTO for archive content that doesn’t require instant or frequent access. And with large files like media files, the random-access time issue is less relevant.Read and write speed is still good – especially compared to cloud offerings.Is Cloud a tape-killer?Tape has been proclaimed dead many times. Amazon Glacier and now Deep Glacier have been called ‘tape-killers’. Cloud storage is still the bright, shiny and new storage option. But upload and download speed along with restore fees mean that sometimes it promises more than it can deliver.We do use cloud in our storage mix, so we’re not knocking it. But Cloud hasn’t put an end to tape yet. Indeed, if you look behind the scenes at major cloud providers, you’ll often find a huge tape library. Although they have denied it, there are even whispers that Amazon built Glacier on tape. And Google and Microsoft Azure definitely use LTO tape.Is there a tape shortage?Despite having an accessible open standard, the number of LTO tape manufacturers has whittled down. From six in recent years to just two – Sony and Fujifilm. And it seems like each is trying to shrink the pool further – to just one supplier.The two recently settled a patent row over LTO-8 technology that saw imports banned and production halted on the latest version of tape. None were available up until recently. Suppliers introduced stopgap measures. LTO-7 ‘Type M’ tapes were created using LTO-8 standards to squeeze more capacity from LTO-7 tapes. This was an imperfect solution as it complicates lifecycles. Future LTO-9 drives will not be able to read the Type M tapes.The whole saga highlighted the weakness of relying on just two manufacturers. It goes to show that no type of media is completely secure. You can’t eliminate risk. The best you can do is mitigate it by combining different media in your storage mix. Or you can outsource the risk to a service provider to manage it for you.Is a tape-based storage system difficult to manage?The manual tape management processes are labour intensive. A level of technical knowledge is required. As Fujifilm states, tape systems require four elements – ‘software, hardware, media and people.’There is lifecycle management to consider. You’ll need to decide when to upgrade and plan regular migrations. If you don’t have an IT Admin to manage the tapes, or you do have an IT Admin but their time is spent better elsewhere, LTO may not be for you.Our LTO servicesWe love LTO for long-term archive. If you sign up to our digital archive or library service, you’ll always have a copy of your original data written to tape. Usually two copies, stored separately, depending on your plan.We also store clients’ own LTO tapes in our climate-controlled media vault in Lane Cove. Offsite tape vaulting is a great option if you have your own LTO infrastructure. You can keep a geographically separate copy, improve tape lifespan, and simply make space.If you’re interested in the benefits of LTO but don’t want the hassle of managing it, get in touch. We’re be happy to talk through our archive setup or recommend options to suit.

LTO Social Media

 

LinkedIn

Keeping Backups Safe Using LTO Tape
Malware in the form of holding data for ransom has been a threat to organizations for years. Ransomware attacks are getting more sophisticated and are targeting a new class of data – backups! Ransomware will now look to delete any type of backups it comes across, for example, any Windows backup files and shared network drives. Learn how to defend against this type of cyberattack. https://bit.ly/3110GdS

Video Surveillance Storage Challenges
We review some alarming incidents caught on camera and what IT departments can do to keep up with the demands of storing video surveillance content with help from LTO technology.

Twitter

Does your organization use an active archive? 

Do you know the benefits of an active archive? Do you know that LTO tape storage is used to securely archive important information and that it does it economically? Learn more in this issue of LTO BlogBytes! #tapefortomorrow #lto #bigdata

LTO Case Studies

Award-winning studio protects workflow with LTO Technology

Aardman is an independent and multi-award-winning studio. It produces feature films, series, advertising, interactive entertainment and innovative attractions for both the domestic and international market. The studio’s work includes the creation of much-loved characters such as Wallace & Gromit, Shaun the Sheep and Morph.

Business Needs

  •  Manage and efficiently store video production material at each phase of the workflow.

  • Protect video assets from any form of accidental or intentional destruction and ransomware attacks.

  • Control costs and stay within planned budget.

  • Easily access archived content for edits, conforms, final productions and future reference.

 

 

 

Solution – Results:
 

  •  Implemented LTO tape drives and automated libraries with about 100 slot capacity.

  • Production staff can straightforwardly
    retrieve video content from tape libraries for any phase of production.

  • Able to store each step of the workflow securely to LTO tape.

  • Easy to create second tape copy of video content to store offsite for disaster protection.

Newsbytes

LTO Tape Shipment Report
Reveals Record Breaking
Tape Capacity Shipments

July 2020

Continued increase in capacity shipments point to reliance on LTO tape in modern-day storage environments.

The LTO Program Technology Provider Companies (TPCs), Hewlett Packard Enterprise, IBM Corporation and Quantum today released their annual tape media shipment report, detailing year-over-year shipments. 

The LTO Program announces Fujifilm and Sony are now both licensees of Generation 9 Technology

September 2021

LTO Seeing Continued Relevance for Archive and Offline Long-Term storage.

The LTO Program Technology Provider Companies (TPCs), Hewlett Packard Enterprise, IBM Corporation and Quantum are pleased to announce Fujifilm and Sony are now licensees of Generation 9 technology, meaning that both companies are planning to produce LTO-9 media moving forward. 

Hewlett Packard Enterprise logo
IBM Logo
Quantum Logo