Securing Backups from Ransomware

Ransomware “developers” know that organizations are likely to count on their backups as a primary point of recovery if they are infected. As a result, these malware programs attempt to encrypt or disrupt backup operations. Other cyber attacks may even use the backup process as a means to steal data by spoofing the backup server or client.

The backup application must protect itself and the data it stores. The first line of defense is encrypting both the backup configuration files and the protected copies of data that the backup maintains. However, encryption by itself is not enough. Malware can encrypt the encrypted backup data just as it encrypts any other file. It is essential that the backup software only allow access to its data through the backup application itself or a secure peer, like an authorized API.

It is also critical that the backup software securely move data off-premises. If the organization is using tapes, the software needs to support encrypted tapes, if the organization is leveraging the cloud, encryption during the transfer and while at rest is critical.

Click To Register

A Case for Consolidation

Protection from ransomware may also be the most persuasive case for backup consolidation to date. The challenge with using multiple data protection products is that each of these products protects themselves from attack differently. Some solutions have almost no protection from attack and some solutions have extensive protection. The problem is now the organization not only has to deal with managing separate backup operations it also needs to manage varying security levels and methods. A single secure solution is much easier to manage.

More than Just Ransomware

Backup applications have broad access to data in the data center, which makes them an ideal target of cyber attacks. If an attacker can successfully masquerade as a backup installation server to install rogue backup clients, it could gain access to the organization’s entire data set. Attackers that compromise the backup process may also instruct legitimate backup clients to replicate backup data to rogue servers. Backup applications need to provide secure peering to verify the credentials of installation servers, backup managers, and backup clients before they can communicate with each other.

StorageSwiss Take

Using backups to recover from a cyber attack is commonplace; protecting backup from a cyber attack is not. Backups though are under pressure from both sides. Malware wants to make backups useless, thus forcing organizations to pay the ransom fee. Other cyber attackers want to leverage the backup software to gain access to data and have that data copied to servers outside of the control of the organization.

Protecting backup against both circumstances requires securing both protected data copies and backup configuration files. Preventing the use of backup as a conduit to a cyber attack requires securing communications between backup software components.

Learn More

Our latest white paper “How to Ensure Your Backups Protect You from Ransomware” Storage Switzerland discusses the state of ransomware, explains how it has evolved and describes what needs to happen next to make the protection from an attack possible and more seamless.

The paper is exclusively available to pre-registrants of our live webinar “Backup vs. Ransomware – 5 Requirements for Backup Success.”

Register for the webinar and we will send you the paper the same day. Then come back for the live event and get all your ransomware questions answered.

Click To Register

Twelve years ago George Crump founded Storage Switzerland with one simple goal; to educate IT professionals about all aspects of data center storage. He is the primary contributor to Storage Switzerland and is a heavily sought after public speaker. With over 25 years of experience designing storage solutions for data centers across the US, he has seen the birth of such technologies as RAID, NAS and SAN, Virtualization, Cloud and Enterprise Flash. Prior to founding Storage Switzerland he was CTO at one of the nation's largest storage integrators where he was in charge of technology testing, integration and product selection.

Tagged with: , , , , , , , , , ,
Posted in Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 21,863 other followers

Blog Stats
  • 1,235,047 views
%d bloggers like this: