Backups – from business continuity fundamental to top attack target
Backups have been a somewhat boring but vital aspect of business continuity and disaster recovery for decades but recent targeting by cybercriminals to enhance the impacts of ransomware attacks has placed backups in the spotlight – and has highlighted some common problems.
Adversaries have one goal in mind: disruption. This takes many forms, whether that be the altering, encrypting, or destruction of data, but the one underlying commonality between these methods is the unauthorised accessing of data. The ultimate way to combat this is to have a secondary ‘source of truth’ where uncorrupted data is held. With this, regardless of the form the attack takes, organizations should be able to resume operations with limited downtime or monetary loss.
Now, well into the 2020s, adversaries are becoming more and more advanced with their attacks. Well-versed in the benefits of backup, not only are cybercriminals developing tools that can subvert backup methods, they are also actively attacking them.
How are backups being targeted?
It’s clear why backups are such a key target for cybercriminals, but in what form do these attacks actually take place?
In the modern digital world, traditional approaches to data protection have been seen to fall short as businesses try to recover from cyber attacks. As cybercriminals have grown in sophistication, they no longer just infiltrate and corrupt production data and systems, but also insert malware into backups. So, when organizations prepare to recover from the attack, they are stuck in a vicious cycle of restoring the virus, and often the criminal’s original access, making it almost impossible for them to recover successfully and leaving them little choice but to pay the ransom.
Ways to protect backups
Despite threat actors becoming wise to the use and management of backup systems, there are new methods emerging which are equipped to handle the current threat landscape, particularly with the development of cloud computing. For example, air-gapped storage, through the cloud, can provide organizations with a secondary copy of their data which is ‘locked’ away from cybercriminals and unable to be tampered with or deleted.
But, even with the benefits of the cloud, there are considerations to be taken into account for organizations that wish to utilise cloud providers.
Not every cloud backup solution is created equal. Organizations need to ensure that they are choosing a trusted cloud hosting provider that offers comprehensive expertise, 24/7 support, and robust disaster recovery solutions. From the data centre providers’ point of view, they need to take every necessary precaution to ensure that customers’ data is available around the clock, along with comprehensive backup. This includes the availability of emergency support services, such as batteries and generators, in case of power outages.
If your organization is transitioning workloads to public cloud, you may well have concerns around losing control of your data. These aren’t unfounded – SaaS providers take backups to ensure the integrity of their services, but they will not take responsibility for data loss that results from accidental deletion, malware, or operational errors. Organizations need to consider how they protect data stored in public cloud environments. I recommend partnering with a trusted data protection provider to hand control of your mission-critical data back to your organization.
In addition to all the considerations to be taken into account when it comes to cloud providers, there are other barriers that come in regard to backup, a simple one being perception. With the fast evolution of technology, many are always out to get the ‘shiniest toy’ and backup simply isn’t it!
The future of backup
The acronym on everyone’s lips this year is ‘AI’, but how does such a new technology interact with a legacy method such as backup?
Tim Sherbak, Product Marketing at Quantum, considers how backing up data has been a necessity for decades for organizations to keep their data safe and recoverable. Now that AI has burst onto the scene, especially in the last year, the data organizations are accumulating – and increasingly storing forever – holds the potential for far greater value than ever before. Training an AI model to complete a task successfully relies on the quantity, quality, and variety of the data given as input. The more robust the dataset, the better the model will be able to detect specific patterns of interest and generate meaningful content.
«Organizations need to be confident that they can restore their data in the event of a cyber attack or natural disaster. Having a rock-solid data protection strategy and a tried and tested disaster recovery plan are essential. With increasing regulations and corporate recognition of inherent risk around the use of AI, retaining model training and input data is also non-negotiable for documenting solutions, explaining the models and their outcomes, complying with internal policies, and mitigating legal risks. Massive data growth and its required retention will drive the need for new levels of cost efficiency and accessibility in our data protection solutions. Emerging high-performance solid-state flash backup storage targets will become mainstream along with automated, software defined tape solutions for massive scale, low cost, and simple operations to effectively reuse and retain these valuable data assets for decades to come.»
Tim Sherbak, Product Marketing at Quantum
Looking forward, there are numerous considerations to be taken into account when looking at backup solutions, especially with the emergence of newer technologies such as cloud and AI. However, what remains true is that backup is essential. Until threat actors are no longer seeking to wreak havoc through the manipulation of data, backup will remain an essential cornerstone of any cyber resilience strategy.
Interested? For further questions, please contact: