4 Ways Hackers Target Backups and 6 Ways to Stop Them

One trend from 2024 that has vital implications for fintechs is the growing occurrence of ransomware hackers shifting their attention from production systems to backups. According to IDC research, ransomware targets backups to eliminate the possibility of data recovery. That maximizes the attack’s severity.

More than half, 51% of 2023 ransomware attacks attempted to destroy or damage backups, with 60% of those succeeding.

The same research shows 51% of ransomware attacks in 2023 attempted to destroy or damage backups, and 60% of those attacks were successful. Sebastian Straub, a principal solution architect at N2W, shared four ways hackers target backups while offering six methods of preventing such attacks.

4 ways ransomware attackers target backups

Stolen admin credentials: Attacks can steal login credentials for someone who has access to both production and backup systems.

Social engineering: Attackers use phishing or similar social engineering techniques to trick employees into deleting backup data.

Compromised backup tools: Attacks take advantage of vulnerabilities in backup tools or scripts, such as weak authentication controls.

Breached storage infrastructure: Attackers potentially exploit vulnerabilities in the operating systems or storage software that host backup data to delete it or encrypt it.

 

6 tips for protecting backups against ransomware attacks

Backup risk assessment: A risk assessment helps you identify the most likely attack paths or techniques that threat actors might use to access your backups.

Consider the cost of mitigating risks: Reducing risk to zero is not always feasible; for example, you might lack the budget to afford to store your backups in a separate data center from your production systems.

Air-gap backups: Air-gapping is a data protection technique that disconnects backup data from the network.

Encryption: Encrypting backups can make it harder for attackers to find backups because it prevents them from viewing the contents of the data.

Create multiple backup copies: Instead of creating just one set of backups, consider creating multiple copies and storing each set in a different location.

Store backups across clouds and accounts: To increase backup reliability, spread backups across multiple clouds and multiple cloud accounts.



Sponsored Links by DQ Promote

 

 

 
Send this to a friend