Business Daily Media

Cybercriminals are targeting backups: How to protect your business

  • Written by James Bergl, regional vice president ANZ at Datto

Backups are a critical part of any business infrastructure. If your primary data becomes compromised by malicious intent or human error (e.g. accidental deletion), the backup enables the business to be up and running again in the shortest time possible.

However hackers are enterprising people. Backups, a key component of business continuity and disaster recovery (BCDR) plans, are now being targeted by bad actors. If your backup is encrypted due to a ransomware attack, it may appear the only option is to pay the ransom—but even then, can cybercriminals be trusted with their word? If your business’ backup is hit, it means the last line of defence has fallen. So how can businesses improve their cyber resilience and protect their backups? Does your organization has skilled ethical hackers who can tackle these attacks? If not, it is really important to get your employees trained in this field. There is plenty of Ethical Hacking course online from where they can get trained.

Hacking, malware and errors are backups’ biggest threat

According to the Verizon 2020 Data Breach Investigations Report (DBIR), attacks on small and medium sized businesses (SMBs) accounted for 28 per cent of all cyberattacks last year. It also found that malware poses a great threat to SMBs, along with hacking and user error.

In fact, the report found hacking occurred in 45 per cent of breaches, while errors accounted for 22 per cent.

When it comes to compromising backups, hackers are increasingly looking at vulnerabilities in backup software, backup files and the systems where backups are stored.

Backup software by nature requires a high level of access to systems, files and virtual machines. To access this software, hackers are known to steal administrator credentials and use those passwords and logins as a backdoor to infect systems. Some backup software also maintain a configuration database that stores credentials needed to access the backup. By accessing this configuration database, hackers gain access to every connected system.

Other vectors that hackers use include accessing backup files, which are easily identified through their .BAK file extension. If a hacker finds these files, they can simply turn off access or delete the files, making recovery impossible. Remote monitoring and management (RMM) solutions are also a point of compromise, along with remote access to backups, where the hacker obtains easy-to-steal and easy-to-guess passwords.

How to protect your business against backup attacks

There are a number of strategies you can use to protect your backup files against hackers, malware, human error and improve your business’ overall cyber resilience.

The first step you can take is to be proactive and scan for ransomware during backup. Detection and prevention is the best cure for this sort of attack. Most modern backup solutions offer ransomware scanning as an integral part of the package—so use it!

The next step is to make sure backups are kept off-site in a secure location. You need to have an air-gap between your production systems and your backup data so that if your primary data is compromised, there’s no way for the hackers or malware to jump the air-gap and encrypt or otherwise steal your backup data.

If you have offsite backups, they can be used to quickly restore a system that’s been hacked or infected by ransomware. Cloud storage is the perfect solution to this off-prem backup conundrum, allowing business owners to get things up and running quickly after an attack.

It’s critical that you have more than one copy of a backup. With modern backup solutions, granular backups, or snapshots of your data can be captured in increments, from a matter of minutes to up to 24 hours, letting you return to a point in time before your systems were compromised.

Finally, invest in a BCDR solution. This will allow you to recover business operations quickly, either locally, or in the cloud, if your business operations are compromised.

Backups are under attack. Whether it’s hacking, malware or human error, backups can be compromised, so it’s important to prepare your business to be able to recover from an attack and improve overall cyber resilience. With BCDR, as well as offsite backups and malware scanning, you can ensure your organisation is protected.

Business Reports

TEN13 doubles investor network to 550 syndicate members

TEN13, Australia's fastest growing venture syndicate, today announced it has reached a new milestone with 550 experienced and sophisticated investors joining the new syndicate. In spite of a challenging macroeconomic environm...

EOFY explainer: Everything your business needs to know about the instant asset write-off

Australia has long been renowned as a rich and vibrant small business nation, where entrepreneurialism is encouraged and celebrated. It has, however, been a challenging period for small business owners, and the transition from o...

Brand Expert Shines in Business Awards

Sydney multipreneur Zahrina Robertson, who is known for producing world-class visual assets, has been named a finalist in the North Shore Local Business Awards. The founder of Zahrina Photography & Video[zahrinaphotograph...

New Image acquires Nutrimetics from Tupperware Brands

New Image Group has acquired skincare and cosmetics brand Nutrimetics from Tupperware Brands Corporation (NYSE: TUP) for an undisclosed sum. Nutrimetics is a natural fit with New Image’s portfolio of health and nutrition prod...

Save, spend or invest? New offering allows Aussies to maximise their savings

With the turn of a new financial year, Australians are at a loss of how to make the most of their tax refunds this year with rising costs of living and low return on savings. The Australian Investor Sentiment Report 2022 reve...

Commercial Painting Revitalised Shop Fronts and The Economy – Why Did the Funding Dry Up?

State governments provided retailers with grants to revitalise their shop fronts in a bid to help the ailing industry. The $2000 - $10000 grant aims to ‘add a lick of paint” and some street appeal to retail outlets not onl...

Web Busters - Break into local search

WebBusters.com.au