Most businesses have backup solutions to protect themselves in the event of a ransomware attack. This is a great first layer of protection. However, many companies fail to consider what happens if their backups are the victims of an attack — that’s a scary thought!
Unfortunately, ransomware attacks on backups are more common than you’d think. As cybercriminals get more desperate and brazen in their attacks, your organization needs to take proactive steps to protect your backups from ransomware.
Why Are Backups Not Enough to Protect My Business?
We’ve previously written about why backups are no longer enough to protect your business against ransomware.
What used to be a ransomware process of ‘encrypt’ and then ‘exfiltrate’ has evolved towards ‘exfiltrate’ and then ‘extort.’ Essentially, cybercriminals follow this process: lock down a system, demand a ransom (typically in Bitcoin), and then provide an encryption key. A study by Coveware found that 77% of ransomware attacks since 2019 have also involved a threat to leak exfiltrated data (reference).
The best way for cybercriminals to do this is through compromising backups. With this knowledge, let’s look at the four ways your organization can protect its backups from ransomware.
4 Ways to Protect Backups from Ransomware
- Separate your backups. Sometimes called an ‘air gap,’ separating your backups means eliminating the ability for an attack to spread from one backup to the other. If all of your backups are linked together, it’s easier for a threat actor to compromise all of your backups. You can hopefully stop the attack at one backup if they are separated.
- Restrict access. This is pretty self-explanatory. Your backups are just that – they are your ‘backup plan’ if your primary systems are compromised. It is of the utmost importance that you restrict access to only authorized personnel — the fewer individuals who have access, the fewer possible entry points that can be compromised.
- Utilize immutable storage. In a nutshell, immutable storage means data that is stored and cannot be deleted for a predetermined period of time. While this significantly increases your storage needs, it is an almost surefire way to protect your backups.
- Start using your backups to help detect attacks. Many vendors that provide backup solutions now offer cutting-edge attack detection features. This might include monitoring of backups or storage monitoring.
Managed Your Backups with Managed IT Services
Managing backups is a vital component of your overall IT security plan. Working with a managed IT service provider like PK Tech ensures that this component of your IT security strategy is thoroughly monitored and managed. It is not enough to just have backups! If your business needs to take the next steps to protect your backups, get in touch with us, and we can help.