Avoiding the biggest threats to data backup

null

I’m seeing an explosion in the quantity of data being stored and transferred by individuals, companies and organisations all over the world. Data is already everywhere and with file sizes increasing, its rate of multiplication is moving fast, with more data than ever before needing to be backed up. 

All the while, data protection is becoming a bigger challenge, dominating both headlines and boardroom conversations. Just last summer, the UK’s National Crime Agency and National Cyber Security Agency joined forces to sound the alarm around the significant and growing risk to businesses that ransomware poses. Ransomware will only become more sophisticated, with backup a key way to avoiding becoming the next ransomware victim. With efficient backup management in place the severity of the attack can be significantly, if not completely, reduced to a minor inconvenience. 

With data so fundamental to businesses, backing up shouldn’t be pushed to the back-of-mind. Data is arguably one of, if not the most important, backbone to successful business operations, and if a network is compromised or impacted by some disaster, the backup is the safehouse for company data and operations. Unfortunately, many people place data loss prevention and data backup maintenance on the back-burner, and open the doors to a variety of threats beyond the network, including threats that can target backup. After examining the top security threats to data and its backed up versions, here are the 7 biggest risks that you should remember and aim to avoid at all costs. 

The recycle bin is not a sustainable method of backing up data   

According to a recent study, nearly 66 percent of Office 365 administrators use the recycle bin as their form of backup. This allows ‘backup’ data to be easily accessible for a malicious actor surfing the local desktop. The recycle bin is not equipped with the same security features as a backup system, therefore, it’s very insecure. 

81% of administrators fail to backup their data regularly 

Similar to using a recycle bin as data backup, this threat is user based. As a safehouse for real-time company data and processes, backup should be online and ready for access in the event of a breach or natural disaster. If backups aren’t being tested, organisations may not be able to fully count on the technology in the wake of a catastrophe.   

Neither yourself or your backup is safe from a ransomware attack 

Given the heightened efforts to better the backup maintenance processes, cybercriminals are kicking their tactics up a notch, targeting backup processes and tools, such as shadow copies (Microsoft OS) or the Time Machine (Mac OS). Even if a victim pays up, the attacker might not decrypt the backup data, or have destroyed the backup in the process.   

Backup systems situated in the same network operating environment may be simplistic, but it isn’t smart 

If backups are run on the same general-purpose server as the entire network operating environment, defences can be bolstered and hardened to ensure complete security of your backup - so avoid it. The same practice applies to on-prem backup options - while this is still the go-to for many organisations, on-premises can be inaccessible in the event of a natural or malicious disaster. 

Frequently visited sites can increase your risk level 

Malware might be lurking on your employees’ frequently visited sites, waiting to strike. This tactic, known as ‘watering holes’, features attackers compromising websites in the hopes of distributing malware to a target demographic. For example, a local cafe website may be compromised, with the attackers embedding threats in the downloadable menu, or email alerts regarding a take away order. Beyond implementation of proper WAF and email security tools, it’s imperative to conduct training and nurture employee awareness of phishing threats, particularly on frequently visited sites. 

An advanced persistent threat is the long ‘con’ that can pay off, big-time 

There are too many types of malware to count, so let’s focus on the advanced persistent threats (APTs). When successful, these attacks allow a criminal to spy on a company for a long period of time. With some search, the attacker can find the data that is most critical to operations. Once an attacker has made that determination, they can copy the data and destroy the original copies on the network. It’s important to track, update and clean your backup. 

Home networks and mobile devices can pose a threat 

Not everyone can implement the same security measures from the office, onto their home networks. The modern workforce has embraced the ability to work anywhere, from any device, at anytime. While this is convenient, those mobile devices and external networks are not always secured to the same corporate degree as the office. Mobile devices and wearables are everywhere in the network, and employees continue to resist any effort to apply corporate security to their personal devices. This makes any devices connected to a corporate network an opportune target for an attacker.    

With the threat landscape evolving at such a rapid pace, the reality is that zero-day attacks are coming our way, whether we like it or not. Cyber attacks are inevitably going to get in, simply due to the volume of attackers out there and the level of sophistication they employ. Although we can do our best to keep them out, we cannot be naive enough to think we can always prevent them from getting through.

All organisations need to find a reliable backup solution that enables them to restore business-critical data to meet short RPO and RTO times, and test the backups often. If they do fall victim to an attack, they can simply restore from the most recent backup set to get up and running again quickly with minimal disruption. 

The reality is no one is invincible and anyone can fall victim to an advanced threat at any time. But by avoiding these threats and putting the right solutions and procedures in place, you can severely mitigate the risks and severity of an attack.

Rod Mathews, Senior Vice President and General Manager of data protection for Barracuda Networks 

Image Credit: Scyther5 / Shutterstock