Your Data Backup Strategy (or Lack Thereof) Can Attract Attackers


World Backup Day, March 31, is a reminder that today’s businesses are data-driven. Charles Smith, consulting solutions engineer of data protection at Barracuda Networks, discusses why data should be stored properly and effectively to ensure that organizations can still operate in the face of a cyberattack. 

Today’s businesses are data-driven, plain and simple. Business and IT leaders utilize data to guide their organizations; they make strategic decisions based on this important asset, and without it, many businesses – from the largest company in the world to the smallest – simply wouldn’t be able to exist. The impact of data loss or data corruption can devastate a business’s day-to-day operations, making data backup and recovery vital to a business’s bottom line – and top line, for that matter. Threats such as malware, including ransomware and even natural disasters, pose a real threat to data, further stressing the value of a company’s data backup and recovery efforts.

We’ve been highlighting the importance of backing up data for many years. In the face of many other daily business pressures, sometimes we need the reminder that comes along with World Backup Day. Since its inception 12 years ago, a lot has changed in the digital world, yet organizations still struggle to restore data from backups – whether it’s in the wake of a crisis, a ransomware attack, or even accidental loss through human error.  

Are organizations hit by ransomware restoring encrypted data from backups? Research shows that while over half of the targets paid the ransom, only a third of victims were able to  retrieve encrypted dataOpens a new window – either because they didn’t have adequate backups to restore from or because attackers accessed their backups and deleted their files.

Discovering, disabling and even deleting backup data has become commonplace for the ransomware threat actor. If an organization’s data backup plan is flawed or has any security gaps, you can be sure that attackers will likely find a way to exploit those vulnerabilities.  

See More: World Backup Day: Backing Up Your Data Starts with Securing It

Cybercriminals Are Looking for Vulnerabilities in Backup Systems

It’s critical that businesses keep their data secure, and one way of doing that is by backing it up. At the end of the day, backup data also needs to be safe and secure. A recent surveyOpens a new window found that 18 percent of global organizations’ data is not backed up, therefore exposed to permanent loss  – despite data backup being a fundamental part of any data protection strategy.

Unreliable data backup strategies increase the likelihood that business leaders will pay a ransom to recover their company assets. Securing backup software and appliances is critical and robust protection is vital. This in and of itself can reduce the attack surface and mitigate the risk of attackers discovering and wiping backup data before an attack takes place.

As threat actors search out their victims, they look for backup strategies that have the following attributes: 

  • Elevated access to backup software: The more people that have access to backup data and backup software, the greater the risk that attackers can deploy identity-based tactics to break in. Attackers can use stolen credentials with domain admin or other privileged access rights to gain access to backup data and take down a business’s ability to recover data after an attack.
  • Network-connected backup systems: From an infected endpoint, cyberattackers can move laterally within an organization to discover and gain access to backup software if it’s connected to a corporate network. They can wipe, turn off and even delete backup files from within.  
  • Remote access: The hybrid and remote workplace infrastructure opens up the door to hackers. Backup systems that are remotely connected to servers need to have strong protection and authentication methods associated with them. If they don’t have these policies and procedures in place, data backups can be easily infiltrated.  
  • Infrequent backup schedule: Data needs to be backed up on a regular basis; if organizations can do so on a daily basis, that’s even better. If backups are performed infrequently, when it comes time to use them, they might be less effective. While not entirely useless, backing up data from an outdated recovery backup could extend the time it takes to restore data after a crisis. 
  • Untested backups: Testing backup and restore processes are vital and can ensure that your business is ready in a worst-case scenario. There’s no harder time to find out that your backups don’t work than in the middle of a breach or disruption. Plan ahead, test your backups and be confident that when the time comes to use them, they’ll work.  

Backup Strategies Should Be Robust

Data backup remains the best way to mitigate the risk of data loss. Here are some best practices that can help leaders build a robust backup strategy that aligns security with business continuity:

  • Back up everything: A full system backup allows businesses the ability to recover systems faster and more efficiently after an incident.
  • Don’t run backup manager on Windows: Try to avoid running your backup manager on the Windows operating system, as attackers can breach these relatively easily. Other operating systems, such as Linux, are more secure. 
  • Run virus protection software on backups: This should go without saying, but make sure your backup server is running security software to protect the integrity of your business data. 
  • Automate backups: Consider implementing an automated backup service that will ensure all data is regularly backed up so you have minimal data loss when restoring. If you have the means to back up your data daily, do so.
  • Deploy multi-factor authentication (MFA): Implement MFA and role-based access control (RBAC) to ensure that only a select group of authorized users can access your backup data. Not everyone should have access to backup files and data; only those that need to have access should have access. 
  • Have duplicate backups: A backup system that allows for multiple iterations of the backups in multiple locations is important. Replicate your backups off-site to a remote site or a cloud provider that provides an air-gapped layer of security between your local, on-premises backup server and the off-site location. There’s nothing worse than having to use a backup and finding out that your backup copy includes encrypted or infected files. Having multiple copies can be a lifesaver. Apply the gold standard of 3:2:1 – three backup copies, using two different media, one of which is kept offline.

Today’s businesses have tons of data – and it’s everywhere. The sheer volume of data can be overwhelming, especially when it comes to backing it all up. Good intentions are useless if poorly implemented. 

Having a data backup strategy in place that is tried and tested can help businesses recover in the event of a successful cyberattack and is your safest bet to protect your organization. They are also a basic IT necessity. Here’s to a happy World Backup Day!

Are you fine-tuning your data backup strategy this World Backup Day? Share with us on FacebookOpens a new window , TwitterOpens a new window , and LinkedInOpens a new window . We’d love to hear from you!

Image Source: Shutterstock