Expert opinions, information and comment from the LTO Program

Reading Time: 4 minutesJohn Monroe, a long-time storage industry expert and Gartner analyst, now an independent consultant  with his own company (Furthur Market Research), recently published a new report entitled “Preservation or Deletion: Archiving and Accessing the Dataverse”. This report is a follow-up to John’s initial report entitled “The Escalating Challenge of Preserving Enterprise Data”, and is co-sponsored by Fujifilm, IBM and Twist Bioscience. This new report looks at likely growth rates of new enterprise capacity shipments required to store the ever-expanding “dataverse” and manage the swelling installed base of enterprise-grade SSD, HDD and tape media from 2023 to 2030. The findings and conclusions in John’s report clearly suggest that the status quo in storage strategies is not sustainable. Below are some summaries and excerpts taken from the report and a link is provided to view/download the full report.Relentless Growth of the DataverseJohn provides a forecast for SSDs, HDDs and tape capacity shipments and the growing installed base from 2023 to 2030. With a CAGR of 30.7%, new shipments of enterprise storage capacity will hit 1.74 ZB in 2023 (that’s up from .95 ZB in 2020) and exceed 11.0 ZB in 2030. Meanwhile, the active installed base of enterprise storage will grow from 6.4 ZB in 2023 to 35.7 ZB in 2030. In a worst-case 25% CAGR scenario, new shipments of enterprise storage capacity will grow to 8.0 ZB while the active installed base expands to 26 ZB in 2030.However, those forecasts could change dramatically if a not unlikely growth rate of 35% or even 45% should unfold. At 35% CAGR, we would see new capacity shipments of 14.7 ZB with an active installed base of 45 ZB in 2030. (Note: it takes 50 million 20 TB HDDs or 22 million LTO-9 tapes at 45 TB compressed capacity to store just one single zettabyte).Evolving Data TemperaturesJohn also provides a breakdown of data temperatures depicted in a classic pyramid with Hot data at the top, followed down the pyramid by Warm, Cool, Cold and finally Frozen data layers. By 2030, the Cold and Frozen data layer will be the largest segment at 61% of stored data. This is largely  because of the answer to the implied question posed in the title of the report “Will we preserve or delete our data?” In John’s surveys of end users across different vertical markets, almost all of the IT managers he spoke with specified “indefinite” retention periods for the vast majority of their data, even if frequency of access declined to seldom if ever. We will be storing and maintaining an ever-increasing amount of enterprise data that has aged for more than five years.Massive Revenue Opportunity AheadWith a majority of data being stored long term in Cold and Frozen layers requiring lower cost per GB and more energy efficient technologies, John conservatively estimates revenue for enterprise storage devices in these tiers will range from $8.8 B to $15.7 B in 2030, up from $5.1 B in 2023. This bodes well for new generations of tape and emerging technologies like DNA storage that will change the current trend of storing so much of this type of data on expensive and energy intensive SSDs and HDDs.On SustainabilityThe report goes on to show that energy consumed by maintaining the installed base of SSDs and HDDs between 2020 and 2025 would consume over 15,000 megawatts of power while the tape installed base for the same period would consume just 18 megawatts, an 838 X difference. In John’s own words:“It is obvious that HDDs and perhaps a significant number of SSDs are handling far too much of the Cold/Frozen workloads at far too great a cost/GB while consuming an inordinate share of available energy”. Limited HDD and SSD Production CapabilitiesBecause the HDD makers have fiscal concerns about investing unprofitably in future CAPEX in the face of uncertain demand and growing SSD incursions, John fears the HDD industry will not adequately invest to be able to deliver ~5 ZB, much less ~8 ZB, of enterprise-grade media per year from 2028 to 2030. And given the recent precipitous price erosions—the price for raw NAND dropped by more than 70% during 2H22—and the inevitability of future supply/demand imbalances and the attendant price fluctuations, John also has growing doubts that the NAND industry will spend the necessary hundreds of billions of dollars to be able to deliver ~1 ZB, much less ~2-3 ZB, of enterprise-grade SSD storage capacity per year from 2028 to 2030. But even new shipments of ~6-10 ZB of expensive, enterprise-grade SSD and HDD media may be insufficient to meet global demand in 2030.Resurgence in Tape ShipmentsThe report goes on to say that with limited SSD and HDD production capabilities looming and the increasing need for cost-effective and sustainable storage, the demand trend for new generations of tape, DNA data storage and even optical technologies may be altered drastically. Regarding tape specifically and considering recent hyperscale market adoption, the report suggests:“There will be a resurgence in tape shipments for a variety of reasons based on expanding demand on multiple fronts, relative data temperature and time-to-data needs based on access frequency, and lower costs of data retention and power consumption, as well as limited HDD and SSD production capabilities. Tape could well grow to at least two zettabytes delivered by 2030”. In ConclusionThe data centers of the future will need everything the SSD, HDD and tape industries can manufacture and deliver, as well as requiring new DNA and perhaps other enterprise storage technologies. Availability and sustainability challenges, combined with the costs of managing the dataverse over increasingly lengthy time periods, will create new use cases for existing storage technologies and demand the creation of new, more cost-effective, and power-efficient storage technologies.To read the full report:https://asset.fujifilm.com/www/us/files/2023-03/772c53c57d3e6022681fb5231e7df79a/FMR_Preservation_or_Deletion_WP_March_13_2023.pdf

Impulsa Galicia and Ingenostrum have teamed up with the goal of building a €400 million (US$426.5 million) carbon-neutral data center in Spain. According to Impulsa Galicia – a public-private initiative backed by the Galicia region's decision-making body – the center could accommodate data from most Galician businesses. Although the companies have only agreed to conduct a feasibility study, the project serves as a reminder of the growing need to increase data center capacity while slashing emissions.The 15-megawatt (MW) center would follow a larger, 70MW one in Cáceres, in the Extremadura region, also planned by Ingenostrum. While that project too is dubbed carbon-neutral, there is no mention of batteries or other storage technology, begging questions about what carbon-neutral electricity will power the data center when the sun isn't shining, which happens even in Spain.Related: Grid Interactive UPS Systems and the Race to Carbon-NeutralityWhen it comes to the green credentials of data centers – or pretty much anything else – the devil is always in the details. Data centers and data transmission each account for between 1% and 1.5% of global electricity consumption, according to the International Energy Agency (IEA), which sums up the sector's progress towards the goal of reaching net zero by 2050 as "more efforts needed."While demand and energy use are expected to grow in the coming years, the industry needs to significantly reduce its emissions if it is to align with the global goal of reaching net zero by 2050. According to IEA, emissions need to be halved by 2030. As a result, pressure from both government and customers is growing to make data centers greener.Related: EU Eyes Carbon-Neutral Data Centers by 2030 in Green-Tech SwitchIn the data center operators' defense, they have managed to significantly improve energy efficiency. Since 2010, emissions have increased only modestly, despite demand skyrocketing as global Internet traffic grew 20-fold. The largest data center operators have also started to contract renewable energy for their facilities, with Amazon, Microsoft, Meta and Google becoming the four largest buyers of corporate renewable power purchase agreements. But that still does not erase their growing energy consumption and emissions footprint.Continue reading this article on Light Reading

It was on February 3 that the company discovered it had become the victim of a ransomware attack. Once the company took note of the attack it immediately activated its incident response and business continuity measures to limit the situation.The full scope of the costs and related impacts of the incident has not yet been determined. However, MKS does expect that the attack will have a material impact on its first quarter resultsPrior to the ransomware event, the company expected revenue in the first quarter of approximately USD 1 billion. However, MKS says that it currently estimates the impact of the incident on first quarter revenue to be at least USD 200 million.“We are well into the recovery phase of our manufacturing and service operations following the ransomware incident identified on February 3rd, and we expect these operations will be restored over the coming weeks. I am very thankful for our dedicated employees who have worked tirelessly to help bring interrupted systems back online. Our team is focused on making up for lost time, delivering on our commitments and meeting the needs of our customers, whose support during the past weeks we’ve greatly appreciated,” said John T.C. Lee, President and CEO in a press release from late February.

CISA and the FBI have issued a joint advisory highlighting the increasing threat behind ongoing Royal ransomware attacks targeting many U.S. critical infrastructure sectors, including healthcare, communications, and education.This follows an advisory issued by the Department of Health and Human Services (HHS), whose security team revealed in December 2022 that the ransomware operation had been linked to multiple attacks against U.S. healthcare organizations.In response, the FBI and CISA shared indicators of compromise and a list of tactics, techniques, and procedures (TTPs) linked, which would help defenders detect and block attempts to deploy Royal ransomware payloads on their networks."CISA encourages network defenders to review the CSA and to apply the included mitigations," the U.S. cybersecurity agency said on Thursday.The federal agencies are asking all organizations at risk of being targeted to take concrete steps to protect themselves against the rising ransomware threat.To safeguard their organizations' networks, enterprise admins can start by prioritizing the remediation of any known vulnerabilities attackers have already exploited.Training employees to spot and report phishing attempts effectively is also crucial. Cybersecurity defenses can further be hardened by enabling and enforcing multi-factor authentication (MFA), making it much harder for attackers to access sensitive systems and data.Samples submitted to the ID-Ransomware platform for analysis show that the enterprise-targeting gang has been increasingly active starting late January, showing this ransomware operation's huge impact on its victims.Royal ransomware sample submissions (ID-Ransomware)​Request for Royal incident reportsEven though the FBI says that paying ransoms will likely encourage other cybercriminals to join the attacks, victims are urged to report Royal ransomware incidents to their local FBI field office or CISA regardless of whether they've paid a ransom or not.Any additional information will help collect critical data needed to keep track of the ransomware group's activity, help stop further attacks, or hold the attackers accountable for their actions.Royal Ransomware is a private operation comprised of highly experienced threat actors known for previously working with the notorious Conti cybercrime gang. Their malicious activities have only seen a jump in activity since September, despite first being detected in January 2022.Even though they initially deployed encryptors from other operations like BlackCat, they have since transitioned to using their own.The first was Zeon, which generated ransom notes similar to those used by Conti, but they switched to a new encryptor in mid-September after rebranding to "Royal."The malware was recently upgraded to encrypt Linux devices, specifically targeting VMware ESXi virtual machines.Royal operators encrypt their targets' enterprise systems and demand hefty ransom payments ranging from $250,000 to tens of millions per attack.This ransomware operation also stands out from the crowd due to its social engineering tactics to deceive corporate victims into installing remote access software as part of callback phishing attacks, where they pretend to be software providers and food delivery services.In addition, the group employs a unique strategy of utilizing hacked Twitter accounts to tweet out details of compromised targets to journalists, hoping to attract news coverage and add further pressure on their victims.These tweets contain a link to leaked data, which the group allegedly stole from the victims' networks before encrypting them.

Read the full strategy hereToday, the Biden-Harris Administration released the National Cybersecurity Strategy to secure the full benefits of a safe and secure digital ecosystem for all Americans. In this decisive decade, the United States will reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security and prosperity; respect for human rights and fundamental freedoms; trust in our democracy and democratic institutions; and an equitable and diverse society. To realize this vision, we must make fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace.We must rebalance the responsibility to defend cyberspace by shifting the burden for cybersecurity away from individuals, small businesses, and local governments, and onto the organizations that are most capable and best-positioned to reduce risks for all of us. We must realign incentives to favor long-term investments by striking a careful balance between defending ourselves against urgent threats today and simultaneously strategically planning for and investing in a resilient future.The Strategy recognizes that government must use all tools of national power in a coordinated manner to protect our national security, public safety, and economic prosperity.VISIONOur rapidly evolving world demands a more intentional, more coordinated, and more well-resourced approach to cyber defense. We face a complex threat environment, with state and non-state actors developing and executing novel campaigns to threaten our interests. At the same time, next-generation technologies are reaching maturity at an accelerating pace, creating new pathways for innovation while increasing digital interdependencies.This Strategy sets out a path to address these threats and secure the promise of our digital future. Its implementation will protect our investments in rebuilding America’s infrastructure, developing our clean energy sector, and re-shoring America’s technology and manufacturing base. Together with our allies and partners, the United States will make our digital ecosystem:Defensible, where cyber defense is overwhelmingly easier, cheaper, and more effective;Resilient, where cyber incidents and errors have little widespread or lasting impact; and,Values-aligned, where our most cherished values shape—and are in turn reinforced by— our digital world.The Administration has already taken steps to secure cyberspace and our digital ecosystem, including the National Security Strategy, Executive Order 14028 (Improving the Nation’s Cybersecurity), National Security Memorandum 5 (Improving Cybersecurity for Critical Infrastructure Control Systems), M-22-09 (Moving the U.S. Government Toward Zero-Trust Cybersecurity Principles), and National Security Memorandum 10 (Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems). Expanding on these efforts, the Strategy recognizes that cyberspace does not exist for its own end but as a tool to pursue our highest aspirations.APPROACHThis Strategy seeks to build and enhance collaboration around five pillars:1. Defend Critical Infrastructure – We will give the American people confidence in the availability and resilience of our critical infrastructure and the essential services it provides, including by:Expanding the use of minimum cybersecurity requirements in critical sectors to ensure national security and public safety and harmonizing regulations to reduce the burden of compliance;Enabling public-private collaboration at the speed and scale necessary to defend critical infrastructure and essential services; and,Defending and modernizing Federal networks and updating Federal incident response policy2. Disrupt and Dismantle Threat Actors – Using all instruments of national power, we will make malicious cyber actors incapable of threatening the national security or public safety of the United States, including by:Strategically employing all tools of national power to disrupt adversaries; Engaging the private sector in disruption activities through scalable mechanisms; and, Addressing the ransomware threat through a comprehensive Federal approach and in lockstep with our international partners.3. Shape Market Forces to Drive Security and Resilience – We will place responsibility on those within our digital ecosystem that are best positioned to reduce risk and shift the consequences of poor cybersecurity away from the most vulnerable in order to make our digital ecosystem more trustworthy, including by:Promoting privacy and the security of personal data;Shifting liability for software products and services to promote secure development practices; and,Ensuring that Federal grant programs promote investments in new infrastructure that are secure and resilient.4. Invest in a Resilient Future – Through strategic investments and coordinated, collaborative action, the United States will continue to lead the world in the innovation of secure and resilient next-generation technologies and infrastructure, including by:Reducing systemic technical vulnerabilities in the foundation of the Internet and across the digital ecosystem while making it more resilient against transnational digital repression;Prioritizing cybersecurity R&D for next-generation technologies such as postquantum encryption, digital identity solutions, and clean energy infrastructure; and, Developing a diverse and robust national cyber workforce5. Forge International Partnerships to Pursue Shared Goals – The United States seeks a world where responsible state behavior in cyberspace is expected and reinforced and where irresponsible behavior is isolating and costly, including by:Leveraging international coalitions and partnerships among like-minded nations to counter threats to our digital ecosystem through joint preparedness, response, and cost imposition;Increasing the capacity of our partners to defend themselves against cyber threats, both in peacetime and in crisis; and,Working with our allies and partners to make secure, reliable, and trustworthy global supply chains for information and communications technology and operational technology products and services.Coordinated by the Office of the National Cyber Director, the Administration’s implementation of this Strategy is already underway.###

German and Ukrainian cops have arrested suspected members of the DoppelPaymer ransomware crew and issued warrants for three other "masterminds" behind the global operation that extorted tens of millions of dollars and may have led to the death of a hospital patient.The criminal gang, also known as Indrik Spider, Double Spider and Grief, used double-extortion tactics. Before they encrypt the victims' systems, the crooks steal sensitive data and then threaten to publish the information on their leak site if the organization doesn't pay up. German authorities are aware of 37 companies that fell victim to these criminals, including the University Hospital in Düsseldorf. That 2020 ransomware attack against the hospital led to a patient's death after the malware shut down the emergency department forcing the staff to divert the woman's ambulance to a different medical center. US law enforcement has also linked DoppelPaymer to Russia's Evil Corp, which the Treasury Department sanctioned in 2019. The US FBI also assisted in the raids and arrests, and Europol noted that American victims of DoppelPaymer paid at least €40 million ($43million) to the crooks between May 2019 and March 2021. In simultaneous actions on February 28, German police arrested a local suspect the cops say "played a major role" in the ransomware gang and seized equipment from the suspect's home. Meanwhile, Ukrainian police arrested a local man who is also believed to be a core member of DoppelPaymer. During searches in Kiev and Kharkiv, the Ukrainian cops also seized electronic equipment now under forensic examination. Small fry arrested, but big fish swim awayAdditionally, the cops issued arrest warrants for three "suspected masterminds" behind the Russian-connected ransomware gang. The trio has also been added to Europe's most wanted list:lgor Olegovich Turashev allegedly acted as the administrator of the gang's IT infrastructure and malware, according to German police. Turashev is also wanted by the FBI for his alleged role in Evil Corp.Irina Zemlianikina "is also jointly responsible for several cyber attacks on German companies," the cops said. She allegedly administered the gang's chat and leak sites and sent malware-laden emails to infect victims' systems.The third suspect, Igor Garshin (alternatively: Garschin) is accused of spying on victim companies as well as encrypting and stealing their data.DoppelPaymer has been around since 2019, when criminals first started using the ransomware to attack critical infrastructure, health-care facilities, school districts and governments. It's based on BitPaymer ransomware and is part of the Dridex malware family, but with some interesting adaptations.According to Europol, DoppelPaymer ransomware used a unique evasion tool to shut down security-related processes of the attacked systems, and these attacks also relied on the prolific Emotet botnet. Criminals distributed their malware through various channels, including phishing and spam emails with attached documents containing malicious code — either JavaScript or VBScript.Last fall, after rebranding as Grief, the gang infected the National Rifle Association and was linked to the attack on Sinclair Broadcast Group, a telecommunications conglomerate that owns a huge swath of TV stations in the US. ®