Express Computer
Home  »  Guest Blogs  »  Why hackers love to target backups?

Why hackers love to target backups?

0 214

By Curtis Preston, Chief Technical Evangelist, Druva

Cybersecurity is experiencing a fierce conflict between hackers and security experts as a result of the exponential growth in technology. On the other hand, tech-savvy criminals are upskilling themselves and breaking into networks that aren’t properly secured and accessing private information and data. New risks emerge every day and current threats continue to advance at a rate that has never been witnessed before.

This year, India has become one of the most frequently targeted countries for ransomware attacks. According to a CloudSEK XVigil report, the number of attacks directed at India’s government sector increased by almost 95% in the second half of 2022. A reliable data backup and recovery strategy is a must, to be adapted to drive business needs and is the need of the hour for organisations.

Backups are copies of a company’s valuable digital assets and are the final line of defence against ransomware. Implementing secure backup policies is crucial to aiding disaster recovery procedures when unfavourable events threaten to interfere with operations. It demands a robust understanding of the various data types that must be safeguarded as well as the importance of the data crucial to an organization. Companies need to keep a close eye on who has access to the backup system and what level of privilege they maintain.

Encryption and exfiltration are the two kinds of ransomware attacks that pose a threat to backup and recovery systems, and most on-premises backup servers are vulnerable to both. An important role backup servers play is providing the means to recover from a ransomware attack without paying the ransom. Ransomware groups attempt to encrypt the backups as well because they contain the information required to reconstruct the machines that have been compromised by the ransomware. The saddest line in any ransomware story is, “and the backups were also encrypted.” They are your last line of defence, and you must hold the line.

That’s the traditional ransomware attack, but data exfiltration is increasingly serving as the main driving force behind ransomware attacks on backup servers. Threat actors may intimidate a business with extortion by saying things like, “Pay up or your company’s most crucial secrets will become public knowledge,” if they can exfiltrate and decrypt the company’s secrets via the backup server. The organizations are left with no choice but to pay the ransom and cross their fingers that the attackers keep their word after granting access to a web page where you can view the data they possess.

According to CISA, unauthenticated users can often access internal API functions, which may result in the upload and execution of malicious code. Companies should be concerned about remote server access as long as the data protection and ransomware recovery strategy relies on conventional hardware and software-based methods (the 2 most popular attack vectors).



Security best practices

Here are a few of the security best practices that a data resiliency platform should incorporate into their system:
1. Utilize infrastructure built on the cloud to use public cloud security standards
A SaaS provider should incorporate security of the underlying infrastructure by providing features like immutability, air gapping, and other capabilities beyond native data protection.
2. Implement backup platform observability and alerting
Systems should use observability tools to increase platform security, stop events like bulk deletions or configuration changes, or encryption from ransomware in progress, and accelerate response and forensics tasks with pertinent log and data change records.
3. Backup data should be encrypted wherever it is kept
For instance, to encrypt data at rest a business can use AES 256-bit encryption and data in flight using TLS.
4. Make use of deduplication as part of a multi-layered security strategy
Organizations should use block-level deduplication and separate the storage of data and metadata. The data’s structure should be concealed in this way, making it impossible for hackers to reconstruct it.
5. Use role-based access controls
A least-privilege strategy should be used to ensure that each user only has the access necessary to carry out their job

To summarize, hackers are constantly on guard, and these threat actors are evolving their attacks making themselves more potent over time. Attackers even understand that victims are likely to implement recovery systems and backups, and recognise that these kinds of tactics are their best shot at a win. It is a must that organizations implement the best practices that keep valuable data safe. Data resiliency is the best solution for businesses to safeguard themselves.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image