Hackers have struck. Your vital data’s been encrypted, and your business has lurched to a standstill. All you have is a text file ransom note left by the criminals, and a whole lot of questions.But you’ve got a playbook, and you know that if things are serious – and they are – you’ve been OK’d by the board to enter into negotiations with the hackers. You need to get systems up and running again and protect vital customer data – paying the ransom is worth the risk.You’re out of free articles for this month To continue reading the rest of this article, please log in. Create free account to get unlimited news articles and more!Or perhaps you don’t have a playbook, and you’re making this up as you go along. Speaking to Cyber Daily earlier in the year, Simon Hodgkinson, a strategic adviser with cyber security firm Semperis, said that many companies are simply not prepared.“In some cases, they’d never had that conversation. Of course, nobody wants to pay a ransom because the money is going to fund more and more criminal activity,” Hodgkinson said.“But the reality is, if their business was down for a week or a month or what have you; would that change your decision making and maybe negotiate with the actors?”But what if you don’t have the money being demanded? What can you expect from cyber criminals that, by definition, cannot be trusted? Will they lower their ransom demands?Sure, the prevailing wisdom is that paying a ransom not only gives hackers more resources to continue to develop their payloads and skills, but it also encourages the practice more generally. A ransom payment might also be illegal; not in and of itself – though, in some jurisdictions, it already is – but because you are sending money to individuals who may be in a country currently under sanctions that restrict the transfer of funds to any sanctioned entity.On top of everything, there’s still no guarantee that they’ll follow through when a hacker says they’ll give you a decryption key and delete the data they’ve exfiltrated. Worse, it’s not unknown for ransomware operators to attack the same target twice.“These are criminals, so they are generally not very reliable. But again, much of this will depend on the specific group. Unfortunately, there is no transparency in the overall payment for ransoms; those victims that pay typically do not advertise as such,” Rapid7’s chief scientist, Raj Samani, told Cyber Daily.“This level of transparency is imperative, in my opinion, because it will likely demonstrate why paying ransoms is not the answer that many believe it is. Despite receiving payment, many ransomware groups have a history of either providing decryption keys of insufficient quality, or not providing the keys at all.”But if you do feel compelled to pay – and if that’s the case, it’s worth noting that for all of the above, you are not alone – here’s what you can expect the process to look like.The ransom noteIf you look at the statistics for which ransomware groups an Australian organisation is most likely to be targeted by, you might expect to be dealing with either LockBit or RansomHub. However, while they’re historically the threat actors with the most Australian victims, the current reality is a little different.LockBit is a shadow of its former self following a series of law enforcement takedowns and arrests, and RansomHub appears to be on an extended hiatus, possibly while it moves its operations to new infrastructure.That means that an Australian organisation is, on balance, most likely to be targeted by the Akira ransomware gang, the third-most active in the country behind LockBit and RansomHub, so it’s the communications of that group that we’ll focus on for this article, beginning with its ransom note, which is pretty typical of ransomware operators generally:“Whatever who you are and what your title is, if you’re reading this, it means the internal infrastructure of your company is fully or partially dead, all your backups – virtual, physical – everything that we managed to reach – are completely removed. Moreover, we have taken a great amount of your corporate data prior to encryption.”That’s a pretty intimidating first paragraph, but Akira immediately tries to calm things down:“Well, for now let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue. We’re fully aware of what damage we caused by locking your internal sources.”The note then outlines the benefits of entering into negotiations. Paying up saves time and money in the long run, and victims are also offered a full security audit outlining how Akira got into their network in the first place. The gang even offers to walk its victims through how to access cyber insurance.Then, the threats begin:“As for your data, if we fail to agree, we will try to sell personal information/trade secrets/databases/source codes – generally speaking, everything that has a value on the darkmarket – to multiple threat actors at ones [sic]. Then all of this will be published in our blog…”Akira then claims that it is just looking for a quick settlement and provides instructions on how to access the gang’s darknet chat room.“Keep in mind that the faster you will get in touch,” the note concludes, “the less damage we cause”.Akira, like most ransomware actors, knows full well that it is likely talking to a victim that has very few plans in place for such an incident, and acts accordingly, offering threats and friendly advice in equal measure. The hackers are banking on their victims already being in a state of panic when negotiations actually start.The first stepsOnce you decide to negotiate, the first step is to decide who in your organisation is going to make that actual contact, and here, the best practice is to immediately seek an external negotiator.Samani employed an apt analogy about why you should never enter into negotiations yourself.“The best analogy I could use is: I’m pretty good at cyber security. I’m a pretty decent painter, too, but if you look at my house, I get the experts in to do the painting of the house because they do a really good job – I just can’t do it,” Samani said.“I’m a smart guy, but I don’t really have the skill to do it, and it’s the same thing with anything in life.”According to Samani, the smart play is to employ someone who talks to cyber criminals as an aspect of their full-time job – everyone else is just an amateur.“Ideally, the spokesperson would not be someone in your organisation but rather someone from a reliable third party with experience in such discussions,” Samani said.However, for whatever reason – and there are very likely good ones – you’re going it alone. Before you even contact the criminals, you’ll want every stakeholder at the table. For one thing, everyone from the board down needs to know, and for another, even if you don’t have a playbook for handling a ransomware negotiation, everyone still needs to be clear-eyed about your goals, particularly if you’re seeking to negotiate your payment down from the initial ransom demand.The good news is that ransoms are commonly lowered by considerable amounts during the negotiation process; the bad news is that the negotiation process can be pretty adversarial.The negotiation beginsThe first part of any negotiation process with Akira – and many other operators – is establishing bona fides. The first thing Akira’s spokesperson will ask is whether or not you have permission to actually handle the negotiation:“You’ve reached Akira support chat. Currently, we are preparing the list of data we took from your network. For now you have to know that dealing with us is the best possible way to settle this quick and cheap. Keep in touch and be patient with us. Do you have a permission to conduct a negotiation on behalf of your organisation? Once we get a response you will be provided with all the details.”All you have to do is say yes, and you’re good to go. The next phase, though, is where Akira provides proof that it does, in fact, have your data. Akira sends through a listing of all the files exfiltrated during the attack and asks you to pick three files, which Akira will send as proof of hack.Akira’s spokesperson then asks you to pick a selection of files encrypted during the attack, send them to Akira. The hackers will then send back decrypted versions of those files to prove that their decryptor – the key that will unlock all the data encrypted during the attack.Once everyone knows where they stand – the hackers have proven they have your data, and proven they can decrypt everything on your end – the hard part begins.Pay to playIn several of the Akira negotiations observed by Cyber Daily, the victim has made an early effort to convince the hackers to send them the key – this is pointless. The criminals want a payday, and they’re not going to give anything away for free.The hackers are also not shy about exploiting the data they’ve just stolen:“So, we’ve gone through your files to define your financial abilities. We’ve been looking through your bank statements, net income, cyber liability limits, financial audits – all the info that might help us to calculate our demand to you.”In the negotiation we’re going to focus on, Akira determined that the victim could afford a ransom payment of US$1,700,000.Unsurprisingly, the victim, in this instance, baulked at the idea, claiming the data Akira had on hand was not the entire financial picture and the company could not possibly pay. The hackers immediately dropped the price – but with a caveat: pay up now, and we’ll work with you.“In case you of quick payment, we will be able to consider a discount. We are going to work with seven figures though,” Akira said.The victim then asked how they could simply recover their data, and Akira offered a significant drop in the ransom demand – and not the last.“Our request is quite possible for a company like yours. We both know this. If you need our decryption services only, we can end this incident at $1,000,000. We won’t go lower. This is a good price for getting back to business quick and without troubles,” it said.Suffice it to say, the business continued to maintain that it could not afford the sum. Throughout the whole process, Akira’s spokesperson displayed hostility towards the negotiator, pressuring them to respond fast and warning them that they wouldn’t wait forever for counter-offers. In this case, after the victim appealed to the hackers’ empathy (hint: they have none), the hackers threatened to publish if an outcome is not reached, and the victim offered a ransom payment of US$20,000.Akira did not respond well. It published news of the hack to its darknet leak site and let the victim know it had done so, before attempting to lay down the law.“We will never accept such a small amount. You’re offering us 20k against 1M. How do you think we will be able to agree? We will wait a bit more and then will cancel the deal. There is nothing to talk about at the moment,” it said.Enter, the negotiatorAt this stage, a new negotiator enters the chat on the victim’s behalf. They say they’re a more senior employee with authorisation from the boss, but they come across as remarkably well versed in handling cyber criminals. It’s entirely possible that the company finally brought in a professional third party, but regardless, this is when real progress starts being made.With the data now published, the new negotiator attempts first to get that data removed from Akira’s leak site, explaining that it would go a long way towards establishing good-faith negotiations. The negotiator apologises for the previous low-ball offer and refocuses the negotiation as one between two parties “here to do business”.In this part of the negotiation, the negotiator goes out of their way to be polite and positive, emphasising that they are “looking forward to finalising a deal” and carefully managing expectations for payment. And despite not getting a new ransom offer, the hackers finally relent and promise to take down the data.“I still do not see any decent offer from your side. We will take the post down later,” the hackers said.Then, the haggling begins anew. The company offered a payment of US$110,000, which the hackers responded to with a demand of $650,000. This is still a large amount of money, but far short of the original seven-figure demand.Throughout the process, the negotiator does their best to present themselves as a reasonable middleman, attempting to find a happy medium between what the company is willing to pay and what the criminals will accept. The negotiator shares some more financial data by way of explaining the constrained nature of what the company can afford, and at this point, the Akira spokesperson appears to admit to something quite interesting.“Thank you for the report but it seems like a trick, we were waiting for verified signed documents. Anyway, even if it is true, we do not have real picture (your savings, your investments, your net assets etc.). We believe we’re asking for a fair amount and are willing to close the deal,” the Akira spokesperson said.This flies in the face of what the hackers said back at the start of the negotiation, which was days ago at this point. Here’s what they said earlier:“So, we’ve gone through your files to define your financial abilities. We’ve been looking through your bank statements, net income, cyber liability limits, financial audits – all the info that might help us to calculate our demand to you.”Basically, the spokesperson admits that they do not, in fact, have all the details necessary to establish what the victim can afford – they’ve been negotiating in poor faith this entire time.Negotiations continue from here, but it seems clear the negotiator is closing in on an acceptable figure. A figure of US$250,000 is finally settled upon, which the negotiator carefully confirms is for both a decryptor to unlock the data on the victim company’s network, and for Akira to delete the data.Once that’s settled, negotiations move into the final stage.Everybody gets what they want, eventuallyNow that a sum has been agreed upon – US$250,000 haggled down from US$1,700,000 – the victim and the criminals get down to the nitty-gritty of transferring funds and decrypting files. And, of course, there’s a new wrinkle.The issue to be aware of here is that hackers like to be paid in bitcoin, and purchasing BTC comes with a commission, which, in this case, takes the amount the company in question needs to spend from US$250,000 to up to US$275,000. The negotiator employs a clever tactic here – they say up front that, sure, they can pay that, but it will take more time, and already the hackers are getting antsy about payment.Alternately, the negotiator says if the hackers are willing to drop what they receive by the cost of the commission – that is, by $25,000 to $225,000 – payment can be processed right away.“Are you able to send $225,000 today? If so, we’re willing to accept,” the threat actors said.And like that, the deal is done. In this case, the hackers suggest, smartly, that the victim send a test transaction – a small sum so that both parties can see that the correct wallet address has been provided and everything is above board.Happy endings?Both the victim and the hackers are almost done with the negotiation. The ransom has been transferred, Akira is happy with the sum, and now it’s time for the hackers to share their decryptor, but – perhaps unsurprisingly – even this process is fraught.In this case, the hackers shared the wrong unlocker, though. Eventually, they appear to have provided the correct one. Then, the password provided for decryption is incorrect, but, again, that is eventually provided as well. At this point, the negotiation is almost mundane, a perfect example of less-than-stellar customer service as the Akira spokesperson sheepishly admits mistakes on the ransomware gang’s part.The final step is proof of deletion, which Akira provides, and the promised “breach report” – which is the most generic list of cyber security protocols imaginable, and not at all tailored to the breach in question.As the negotiator notes: “I must say the breach report looks quite generic and not specific to us.”There’s one more back and forth about providing the correct passwords, but, eventually, after 170 discrete messages passing back and forth, the negotiation is complete, and all parties are, if not happy, at least somewhat satisfied.Should you pay?“Well, to put it bluntly, don’t do it. Firstly, you are supporting organised crime, but also there is no guarantee there will be any successful conclusion to the negotiation,” Samani said.“There are professional firms that do this all of the time, so if you feel you must pay, then use a legitimate organisation to handle the negotiations. Also, remember to check NoMoreRansom – a decryption key may be available.For every expert who decries ransomware payments and says they should never be made, there are always exceptions. As a rule of thumb, no, we should not be paying criminals to fix problems they created in the first place. No, we should not be giving in to extortion and contributing funds to a criminal ecosystem. No, just because they’ve been clever enough to hack you, it does not necessarily equate to the fact that the hackers are capable of helping you decrypt your files, even if negotiations do succeed.In this case, the company in question went through two negotiators and a not insignificant amount of both time and money to achieve the outcome they were hoping for. With just a small amount of planning and forethought, a decent backup would have solved the decryption problem and taken away one of the key bargaining chips the hackers held.And in a convoluted cyber criminal ecosystem, even after files have been recovered and the exfiltrated data has been deleted from the hackers’ systems, there’s simply no guarantee you’re off the hook. The hackers may attempt a second attack now that they know the company is willing to pay; other criminals may follow suit, or the data could later emerge and be maliciously remonetised despite the promises otherwise.There is simply no way to know for sure. So, don’t pay a ransom – unless you absolutely feel you have to.The majority of experts we’ve spoken to admit that in some cases, paying the ransom may seem the smarter play. If the data you know has been compromised is particularly sensitive – patient data, for instance, or if critical systems have been taken offline and business continuity requires a ransom to be paid – then perhaps it’s the best move.However, if negotiations are ever entered into, it’s worthwhile to know what to expect, the pressure tactics criminals employ, and that the final price is never the final price.David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

A new survey by IDC highlights a significant increase in artificial intelligence-powered cyber threats across Australia and the wider Asia Pacific region, with organisations reporting greater complexity and volume in digital attacks.The study, commissioned by Fortinet, illustrates a rapidly shifting threat landscape, largely attributed to cyber attackers' adoption of AI technology to orchestrate stealthy, fast-moving campaigns. As a consequence, security teams often struggle to detect and respond in time, resulting in increased vulnerability for many organisations.Escalating AI-driven attacksThe survey found 51 per cent of Australian organisations encountered AI-enabled cyber threats in the past year. Among these, 76 per cent reported a two-fold rise, while 16 per cent noted a three-fold surge in such incidents. Key threats identified include self-evolving malware, AI-assisted credential stuffing and brute force attacks, deepfake impersonation, AI-enhanced zero-day exploit discovery, and sophisticated deepfake-driven social engineering. These methods often target human weaknesses, system misconfigurations, and identity management protocols.Despite the scale of these attacks, confidence in defensive capability remains low; only 32 per cent of local organisations express strong confidence in their ability to protect against AI threats. Furthermore, 15 per cent believe that AI-driven threats are outpacing their detection capabilities, revealing a significant preparedness gap for many firms."The findings of this survey point to a growing need for AI-accelerated defence strategies across Asia Pacific, Japan, and China (APJC). Organisations are facing a surge in stealthy, complex threats—from misconfigurations and insider activity to AI-enabled attacks—that bypass traditional detection methods. A shift toward integrated, risk-centric cybersecurity models is critical to staying ahead. In this new threat landscape, reactive security is no longer enough; predictive, intelligence-driven operations must become the norm." Simon Piff, Research Vice President, IDC Asia-PacificPerpetual risk environmentCrisis-driven security events have become less episodic and more endemic, according to the report. The most frequently encountered threats in Australia are denial of service (60 per cent), software supply chain attacks (59 per cent), cloud vulnerabilities (59 per cent), ransomware (56 per cent), and insider threats (51 per cent). Notably, unpatched vulnerabilities and zero-day exploits, along with insider threats and cloud misconfigurations, now feature prominently as the most disruptive threats.This shifting threat environment is not only affecting system uptime. Data theft and privacy violations (47 per cent), loss of customer trust (40 per cent), operational disruption (36 per cent), and regulatory penalties (35 per cent) are now the top consequences. Financial repercussions are also noted, with 54 per cent of respondents reporting breaches with monetary losses, and about one-third experiencing incidents costing more than USD $500,000.Resource constraints for security teamsResource limitations are compounding the challenge. On average, only 7 per cent of a typical workforce is dedicated to IT, and just 13 per cent of that is allocated to cybersecurity, leaving many organisations with less than one full-time cybersecurity professional per 100 employees. Only 15 per cent of those surveyed employ a dedicated Chief Information Security Officer, and most organisations merge cybersecurity functions with broader IT roles. Furthermore, specialist teams such as threat hunting and security operations are rare, present in only 6 per cent of Australian organisations.Security teams also face increasing pressure from higher threat volumes (54 per cent), challenges in retaining skilled cybersecurity staff (52 per cent), and tool complexity (44 per cent). These factors can lead to team burnout and fragmented operational response.Investment trends remain cautiousCybersecurity spending, while increasing, still lags behind the heightened risk environment. Organisations typically allocate around 15 per cent of their IT budgets—barely over 1.4 per cent of total revenue—to cybersecurity. Most budget increases remain under 10 per cent, according to the survey. Strategic investment priorities are shifting toward identity security, network security, secure access service edge (SASE) or zero trust, cyber resilience, and cloud-native application protection.Nevertheless, operational technology/Internet of Things (OT/IoT) security, development security and operations, and security training continue to see limited allocations, indicating ongoing gaps in addressing operational and human-layer vulnerabilities.Platform integration and simplificationNine out of ten surveyed organisations are either converging their security and networking infrastructure or evaluating related options. This shift aims to simplify architectures, integrate disparate defences, and streamline operations. While 74 per cent are consolidating their technology platforms, almost half still struggle with tool management—citing fragmentation and lack of integration as persistent challenges.Organisations see vendor consolidation as a way to reduce costs and enhance both detection speed and issue resolution. Faster support (59 per cent), cost savings (53 per cent), better integration (53 per cent), and improved security posture (51 per cent) are highlighted as the principle benefits sought through consolidation."Organisations must approach security defence as a dynamic and continuously evolving ecosystem. This requires more than simply adopting the latest technologies. Lasting resilience comes from effectively embedding and optimising security solutions in alignment with people and processes. Fortinet is focused on helping companies shift from piecemeal defences to AI-powered security systems that are built for scale and sophistication. As the market shifts from infrastructure-centric models to more strategic priorities such as access, identity, and fortification, Fortinet is assisting customers to position cybersecurity as a long-term business enabler rather than just a protective measure. Through its platform approach, Fortinet provides the scale, intelligence, and simplicity organisations need to stay ahead of evolving threats." Glenn Maiden, Director of Threat Intelligence, FortiGuard Labs, Australia and New Zealand, FortinetThe survey was based on responses from 550 IT and security leaders across 11 Asia-Pacific markets, including 70 in Australia. Respondents were from organisations with more than 250 employees and were directly involved in cybersecurity decision-making.

Easy access to data and the ability to utilize it in meaningful ways have always been important, but in the era of AI, machine learning, and data analytics, it has become absolutely essential. The global AI market, currently valued at over $390 billion, is projected to exceed $826 billion by 2030. However, this growth is contingent on AI technology continuing to evolve and increase in applicable value. Achieving that requires vast amounts of data. Organizations worldwide stored approximately 7.2 zettabytes (ZB) of data in 2024, and this figure is expected to grow to 15.1 ZB by 2027. This major growth underscores the need for reliable, accessible storage solutions that can handle increasing data demands.The explosion of AI-driven applications across industries—from finance and healthcare to manufacturing and retail—has further accelerated the demand for vast and well-prepared datasets. AI systems thrive on data, using it to refine algorithms, enhance predictive models, and optimize automation. According to leading firms like IDC, the more high-quality data an organization has, the more it can improve the effectiveness of AI outcomes to enable smarter decision-making and drive operational efficiency. Yet, the challenge lies not just in collecting and generating massive amounts of data but in ensuring its long-term retention and accessibility. Without proper storage solutions, businesses risk losing valuable information that could shape the next wave of AI advancements.The Importance of Data for AIFor AI to continue advancing at its current pace, it must consistently improve in efficiency and accuracy. The only way to achieve this is by providing AI models with continuous and high-quality data for training. The datasets used to train large language models (LLMs) have grown at an astonishing rate, tripling in size each year since 2010. For instance, GPT-2 was trained on a dataset containing roughly 3 billion words, while GPT-4, released just four years later, was trained on approximately 9.75 trillion words.This rapid expansion of AI training datasets presents a significant challenge: how to cost effectively store large amounts of high-quality data. As AI systems consume vast amounts of existing text-based data—including books, articles, and research papers—organizations risk exhausting high-quality human-generated material. This could force AI developers to rely on AI-generated content for future training, leading to potential issues such as reduced accuracy, decreased creativity, and increased repetition. To counter this risk, organizations must prioritize retaining a majority of the data they generate, as it may become a valuable resource for training AI models in the future. This necessity drives the demand for robust, scalable, and long-term storage solutions.Data Analytics as a Competitive Advantage: There’s No AI Without IAAI-driven analytics have become a cornerstone of modern business strategy, offering organizations the ability to uncover patterns, predict trends, and make faster, smarter decisions. But while AI gets the spotlight, it’s easy to overlook the unsung foundation behind it all: data. More specifically, the infrastructure that makes decades of data available when and where it’s needed—what we now call the Information Archive (IA).The IA as a deep reservoir of organizational knowledge, often housed on cost-effective, scalable storage like tape. It’s where vast volumes of structured and unstructured data are preserved—not just for compliance, but to fuel potential innovation leading to competitive advantages. When it comes time to train AI models, large datasets are temporarily pulled from this archive into high-performance systems. Once the training is complete, the data returns to the IA for long-term retention. This cycle of access and preservation makes continuous AI development possible.An organization’s ability to make high-impact, data-driven decisions doesn’t just rely on the latest AI tools. It depends on whether you can access and retain the right information—over time, at scale, and without sacrificing cost-efficiency. Done well, data analytics can personalize customer experiences, streamline operations, and pivot quickly in response to shifting markets. However, all of that hinges on a long-term data strategy that views collecting information not as a storage problem, but as a strategic asset. The future belongs to organizations that treat their historical data as a living resource—one that continues to grow in value with every AI-driven insight. New Opportunities for a Proven TechnologyThe surge in data-driven AI applications introduces new demands for storage solutions. Organizations require a system that enables long-term storage of massive datasets while ensuring accessibility, sustainability, and security. Additionally, with cyberattacks on the rise—global cybercrime costs are estimated to reach $10.5 trillion annually by 2025—data security has become a critical consideration for any storage solution. Many enterprises may instinctively seek out cutting-edge, newly developed storage technologies to meet these requirements. Because of the need for reliable storage now, however, organizations should consider an existing technology that has already proven its reliability: tape storage.For decades, many established organizations have relied on tape storage, even as newer, cloud-native companies have overlooked it. However, the resurgence of AI, machine learning, and advanced data analytics has provided new use cases for this tried-and-true technology. Tape storage offers a powerful combination of scalability, flexibility, cost efficiency, and security, making it an ideal solution for managing massive AI and ML workloads. Unlike many other storage solutions, tape is highly sustainable, as it consumes no energy while storing data, significantly reducing its carbon footprint. Furthermore, its offline capability provides an extra layer of protection against cybersecurity threats such as ransomware attacks, as data stored on tape is inherently immune to remote breaches.Modern tape storage solutions have evolved to meet the demands of AI and data analytics. With the latest advancements in high-capacity tape technology, businesses can store petabytes of data at a fraction of the cost of traditional cloud-based solutions. Additionally, tape’s longevity—often exceeding 30 years—ensures that organizations can preserve valuable datasets without the risk of data degradation. This makes it a highly attractive option for enterprises seeking to future-proof their data infrastructure while maintaining cost efficiency.The AI and Data RevolutionThe ongoing AI revolution is fundamentally a data revolution. Organizations that fail to prioritize data storage and accessibility risk falling behind in an increasingly data-driven world. More data equates to more opportunities for innovation and competitive differentiation. By embracing scalable and secure storage solutions, including the renewed potential of tape, organizations can ensure they remain at the forefront of AI advancements and data-driven decision-making. As businesses continue to navigate the complexities of AI-driven growth, those that recognize the importance of data retention and intelligent storage solutions will be the ones that thrive in the data-centric future.The post The AI Revolution Is a Data Revolution: Why Storage Matters More Than Ever appeared first on Unite.AI.

Seagate’s HAMR roadmap could deliver 150TB hard drives - but not before 2035Mozaic platform now enables 4TB platters, paving the way to 10TB disks by 2028Mozaic 4 to ship in 2026, while Mozaic 5 aims for late 2027 qualificationsAt Seagate’s recent 2025 Investor and Analyst Conference, CEO Dr. Dave Mosley and CTO Dr. John Morris outlined the company’s long-term roadmap for hard drive innovation.This hinted at the possibility of 150TB hard drives, the largest HDD ever, by groundbreaking 15TB platters, but cautioned that this milestone remains at least a decade away.The foundation of this future lies in Seagate’s HAMR (Heat-Assisted Magnetic Recording) technology, currently being deployed through the company’s Mozaic platform.10TB per platter on track for 2028“We have high confidence in our product roadmap through Mozaic 5. And notably, the design space for granular iron platinum media that's in Mozaic 3 looks very viable to get us up to 10 terabytes per disk,” said Dr. MorrisThat 10TB-per-disk benchmark is expected to be reached by 2028. “We do have confidence that we can provide a path to 10 terabytes per disk in roughly this time frame,” Morris added, explaining that spin-stand demonstrations of new technologies typically take five years to reach product qualification.Looking beyond 10TB, Seagate is exploring how to extend the capabilities of its Iron Platinum media.“We believe that there's another level of extension of that granular iron platinum architecture that could theoretically get as high as 15 terabytes per disk,”Are you a pro? Subscribe to our newsletterSign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!Such an achievement would pave the way for 150TB hard drives by stacking 10 platters per unit. However, he warned, “beyond 15 terabytes per disk is going to require some level of disruptive innovation.”Seagate’s CEO, Dave Mosley, echoed this long-range vision, noting, “We now know how we can get to 4 and 5 and beyond. As a matter of fact, we have visibility... beyond 10 terabytes of disk with the HAMR technology.”“It’s not going to be easy, but I’m convinced that’s going to keep us on a competitive cost trajectory that no other technology is going to supplant in the next decade, probably beyond.”The company’s confidence is backed by recent milestones. Mozaic 3, which delivers 3TB per platter, is now in volume production, and Mozaic 4 (4TB per platter) is scheduled to enter customer qualification next quarter.Seagate expects to begin volume shipments of Mozaic 4 drives in the first half of 2026. Meanwhile, Mozaic 5, targeting 5TB per platter, is planned for customer qualification in late 2027 or early 2028.Still, Seagate made it clear that 150TB drives based on 15TB platters are not imminent. As Morris emphasized, “This is just one other element in the work that we do to underpin our strategy... it will take time. There’s still a lot of work in front of us to get there.”You might also like

After years of development and anticipation, the Linear Tape-Open (LTO) Consortium has officially launched LTO-10, the tenth generation of the industry's most widely adopted tape storage format. The latest generation as of 2025, LTO-10, can hold 30 TB in one cartridge, or 75 TB with industry-standard 2.5:1 compression.The launch represents a significant milestone in data storage technology, arriving exactly 25 years after the original LTO-1 format debuted in 2000 with just 100GB of capacity. From LTO-1 in the year 2000 to LTO-10 in 2025, the format has delivered a 300-fold increase in capacity per cartridge.In a departure from previous generations, LTO-10 can't read or write LTO-9 media. Unlike previous generations that maintained at least one generation of backward compatibility, LTO-10 breaks that tradition entirely. This strategic decision by the LTO Consortium - comprised of IBM, Hewlett Packard Enterprise, and Quantum Corporation - enabled the dramatic capacity improvements.LTO-10 now offers 30TB of native capacity, finally catching up with (and arguably surpassing) hard drives considering that 30TB HDDs are still rare in the mainstream and mostly reserved for hyperscalers. The technology maintains the familiar 400 MB/s transfer speed but introduces enhanced connectivity options, including support for 32Gb Fibre Channel connections.Beyond raw capacity gains, LTO-10 introduces several operational enhancements that address long-standing user pain points. LTO-10 tapes need no calibration. For anyone managing tapes at scale, that's a big operational efficiency improvement over LTO-9, which required time-consuming media optimization procedures that could delay initial use by up to two hours.The new format also supports active optical connectivity, extending cable distances from 10 to 100 meters and providing greater deployment flexibility for enterprise data centres managing large-scale tape libraries.Industry Response and Market ImpactMajor storage vendors have quickly embraced the new standard. Tape library manufacturers Symply and Quantum have also announced LTO-10 support, with comprehensive integration across their product portfolios. Quantum Corporation announced that its new Scalar i7 RAPTOR system can deliver up to 60 petabytes of native storage capacity in a single rack when equipped with LTO-10 drives."The introduction of LTO-10 marks a major leap forward in tape technology," said Fred Moore, president, Horison Information Strategies. "Its capacity, performance, and architectural improvements make it the most compelling choice for petabyte-scale, long-term data retention—especially in today's AI-driven, video-rich, and compliance-heavy environments."The timing of LTO-10's arrival aligns with unprecedented growth in data generation driven by artificial intelligence applications, high-resolution media content, and stringent regulatory compliance requirements. Since late 2022, Artificial intelligence has experienced exponential growth, driving unprecedented increases in the amount of data created and stored.Tape storage has experienced renewed relevance as organizations seek cost-effective, secure solutions for long-term data retention. The format's inherent air-gapped nature provides natural protection against ransomware attacks, a growing concern for enterprise IT departments managing critical data assets.Tape remains the most energy-efficient storage medium. Moving inactive data from HDD or SSD can dramatically reduce energy consumption. Comparing HDDs to LTO 9 with 100 cartridges/drive, tape used 94% less energy per TB. LTO-10 will be even more energy efficient.LTO-10 technology is available for immediate ordering. Initial shipments of LTO-10 drives and Certified Media will begin in June 2025. The technology will be available across multiple vendor platforms, including standalone drives and integrated library systems.Looking ahead, the LTO roadmap projects capacities doubling with every subsequent generation. LTO-10 (up to 90 TB compressed) and LTO-11 (up to 180 TB compressed) are likely to continue LTO technology's rapid acceptance in the coming years. The current roadmap extends to LTO-14, which could potentially break the 1-petabyte barrier within the next decade. 

Feature The future of archival data storage is tape, more tape, and then possibly glass-based tech, with DNA and other molecular tech still a distant prospect.The function of archival storage is to keep data for the long term – decades and beyond – reliably and affordably. Currently, the main medium for this is LTO tape and it is slow, has a limited life, and not enough capacity considering the implications of ever-increasing image and video resolution and AI-infused data generation. However, there is as yet no viable tape replacement technology at scale, only possibilities, with optical storage more practical and nearer to productization than DNA or other molecular storage.Tape limitationsStreaming tape, with the tenth LTO generation (LTO-10) being announced, faces growing inadequacy. Although it is the most popular archival storage choice because it has a far lower cost per terabyte than either hard disk or SSD, a tape's content requires it to be copied and written (resilvered) to a fresh tape every five years or so to avoid bit rot.Symply LTO-10 tabletop and rackmount tape libraries"Magnetic technology has a finite lifetime," says Ant Rowstron, Distinguished Engineer, Microsoft Project Silica. "You must keep copying it over to new generations of media. A hard disk drive might last five years. A tape, well, if you're brave, it might last ten years. But once that lifetime is up, you've got to copy it over. And that, frankly, is both difficult and tremendously unsustainable if you think of all that energy and resource we're using."Tape's access speed is slow as it is read sequentially while being streamed through a tape drive, unlike both disk and SSD, which are both randomly accessible giving a far faster time to first byte. LTO-10 has a 400 MBps throughput, the same as LTO-9 with its 18 TB raw/45 TB compressed capacity. It will take longer to read an LTO-10 tape than an LTO-9 tape because it has 66.7 percent more data on it.Tape reel capacities are also falling behind those of disk and SSD. The latest LTO-10 has a 30 TB raw capacity and, at a 2.5:1 compression ratio, 75 TB. Disk drives are now in the 32-36 TB area with 40 TB coming. SSDs are already far beyond that with 122 TB drives available and 256 TB forecast for next year. The rate of tape capacity increase is slow in comparison, with the next generation, LTO-11, expected to have up to 72 TB raw capacity when it arrives around 2027/28. At that point, disk drives will have around 50 TB of capacity and SSDs should be heading past 300 TB.But tape is affordable, much more so than either disk or SSD, and the best archival medium we have even though it is slow, getting limited in capacity, and only lasts five to ten years. It does have a roadmap for another four generations, taking us to around 2035/36, which provides some reliability, but it is ripe for replacement should a better technology come along. There are two potential replacements getting attention – glass-based and molecular technologies.The glass archive game and Project SilicaMicrosoft's Project Silica uses technology developed by the UK's University of Southampton to store data in square silica glass tablets by using polarization-based nanostructures, created by femtosecond infrared laser pulses. The glass is impervious to heat, boiling water, electromagnetic field radiation, various chemicals, and surface scratches shouldn't affect data recovery.Project Silica glass tabletThe nanostructures, defined by position, orientation, size, and light refraction, are created in a silicon glass tablet, 75 by 75 by 2 millimeters thick (2.95 x 2.95 x 0.08 inches). Together with Microsoft researchers, the academics stored 75.6 GB of data using multiple layers back in 2019.The Southampton-based researchers then developed a 5D system using two optical and three spatial dimensions in the silica glass. They burned nanoscale circular voids or holes – 130 nm in size – in the silicon using a femtosecond laser pulse to create a micro-explosion and then following pulses to alter the shape, size, and edges of the void to create 460 x 50 nm nanolamellas – nanoscale plate-like structures or gratings called voxels (volumetric pixels). Each voxel stores four bits.Microsoft says Project Silica glass tablets, roughly the size of a drink coaster or DVD, can now hold 7 TB of raw data, in 100 or more layers, and preserve the data for thousands of years. It uses Azure AI to decode the data stored in glass, saying it makes reading and writing faster and allows more data storage than otherwise.Data is stored in a four-step process: Writing with an ultra-fast femtosecond laserReading through a computer-controlled, polarization-sensitive microscope with polarized light shined through the glassDecoding via machine learning algorithms, interpreting the polarized light patternsStoring in a library, like tape cartridgesThe library has battery-powered robots that charge as they idle inside the library, starting when data is needed. They ascend the rows of shelves, pick up a glass tablet, and take it to the reader. The system doesn't allow stored tablets with data to be taken to the writer station; they are designed to be immutable. However, if they were taken to the writer, the femtosecond laser pulses there could corrupt the stored data.Two Project Silica library robotsWe don't know the current tablet capacity in actual terabyte numbers, nor the read and write throughput speeds. Microsoft says: "We're able to achieve system-level aggregate write throughputs comparable to current archival systems," presumably meaning tape libraries, and carefully not saying faster than the comparable systems. There is no sign of any imminent availability and we would estimate Project Silica to be two to five years away from product availability.Microsoft emphasizes the low power requirements for Project Silica libraries, pushing out a sustainability message. It views Project Silica as a way of developing archival storage for its Azure cloud service. This means it's proprietary to Microsoft and unlikely to be made commercially available to AWS, the Google and Oracle clouds, or others.Elire, a sustainability-focused venture group, has collaborated with Microsoft Research's Project Silica team to harness this technology for their Global Music Vault in Svalbard, Norway. Elire plans to expand this musical repository by establishing locations worldwide that are more accessible than Svalbard.CerabyteCerabyte's ceramic-coated glass is different in that femtosecond laser pulses burn nanoscale pits in a ceramic medium layered in a glass tablet. It is a single-layer technology so the tablets store less data than Project Silica – 1 GB per surface. However, their endurance and resistance to physical, chemical, and electromagnetic radiation attack is the same. So too is their physical storage in a robot-accessed, tape-style library, and two separate stations for writing data and reading it.Cerabyte diagramCerabyte's tablets store data in QR (quick response) codes – two-dimensional bar codes – and the data is read by a scanning microscope. Since it is a single layer device, both reading and writing are much simpler than the Project Silica processes, which need to cope with 100 or more layers and thus have far more precise laser and scanning microscope positioning requirements.The company says it "writes up to 2,000,000 bits with one laser pulse, enabling ultra-fast data storage and reading with high-speed cameras," but we have no actual throughput numbers.Cerabyte glass tabletAs with Project Silica and unlike tape, the stored tablets do not need periodical rewriting.Cerabyte has attracted investment from In-Q-Tel, Pure Storage, and Western Digital. Shantnu Sharma, WD's Chief Strategy and Corporate Development Officer, said: "We are looking forward to working with Cerabyte to formulate a technology partnership for the commercialization of this technology."With an office in Boulder, Colorado, near LTO tape library suppliers SpectraLogic and Quantum, Cerabyte is in the heart of the US's robot archival library development area. Like Project Silica, it is, in our assessment, two to five years away from commercial product availability, but it will then be commercially available.The DNA fantasyScientists have noticed that DNA stores vast amounts of information in its double helix strands. These are composed from chemical molecules, nucleotides containing one of four nucleobases: cytosine (C), guanine (G), adenine (A), and thymine (T). These four letters of DNA compose a mini-alphabet and their combinations can store data. A nucleotide is far smaller than a disk, SSD, or tape magnetic bit area, and supplier Biomemory claims that 45 zettabytes of data could be stored in 1 gram of DNA. Read about a Biomemory DNA storage array concept here.From the archival storage point of view, DNA can last for hundreds of years in the right conditions. That's the attraction, but developing a workable DNA archival storage technology is fiendishly difficult because the mechanisms of writing and reading it are deplorably slow and complex. We are talking about chemical reactions, not electrical or magnetic ones, and need to recognize that a DNA storage entity will contain the equivalent of a tape reel chopped into millions of fragments and mixed up.Biomemory rackable DNA data storageOnce incoming data is coded into some representation of the DNA alphabet or structure, it is written in sequence into the molecular medium, but this output has no intrinsic structure at all. It's just molecules grouped together in little clusters and floating around inside some liquid. These fragments need to be retrieved and sequenced to recover the tiny packets of information each one contains and then the whole data item reconstituted from the fragments, a bit like receiving and reordering the packets from an internet protocol network message.Written DNA is immutable. But reading a DNA storage medium is destructive. You need enough of it to read it several times. The reading and writing equipment is bulky and read speeds are horrendous. Chinese researchers, using a methylated DNA technique, wrote data at 40 bits per second. LTO-9 tape writes data at 400 MBps, 3,200 Mbps – 80 million times faster.It is just not possible to conceive of DNA storage achieving an 80 million times write speed improvement in, what, ten years? Twenty years? It's a scientific daydream for the foreseeable future.Molecular electrical storageA different molecular storage concept involves sequence-defined polymers (SDPs) and is being researched at the University of Austin, Texas. The researchers write in a Cell paper: "SDPs offer advantages over DNA. For example, DNA is limited to four monomers, yet SDPs can use a much larger set – eight, sixteen, or even more – allowing for greater information density."Because DNA sequencing is slow and impractical for data storage, for the purposes of the study, the researchers invented an electrochemical method for decoding sequence-defined polymers, a form of plastic. Sequence components are used to represent the 256 ASCII characters and read via their individual electrical signals.Corresponding author and electrical engineer Praveen Pasupathy of the University of Texas said in an announcement: "Molecules can store information for very long periods without needing power. Nature has given us the proof of principle that this works. This is the first attempt to write information in a building block of a plastic that can then be read back using electrical signals, which takes us a step closer to storing information in an everyday material." The research group ran a proof-of-concept experiment, reading and decoding an 11-character password in 2.5 hours. Senior paper author and chemist Eric Anslyn of the University of Texas said: "Our approach has the potential to be scaled down to smaller, more economical devices compared to traditional spectrometry-based systems. It opens exciting prospects for interfacing chemical encoding with modern electronic systems and devices."This is still work being done at the frontier of research, very far from being commercially viable, whether DNA or plastic. The only viable tape replacement technology in sight is optical, with Cerabyte and Microsoft racing to develop it.Microsoft claims higher-density glass tablets than Cerabyte, but may keep its technology for in-house use. Cerabyte wants commercial glory and has convinced Pure and Western Digital that it's worth a punt. If a tape library system vendor gets involved, then Cerabyte's concept will be a step closer to being realized. ®