Critical Data Backups vs Cyberattacks
Results 1 to 7 of 7

Thread: Critical Data Backups vs Cyberattacks

  1. #1
    Junior Member
    Join Date
    Dec 2017
    Posts
    1

    Critical Data Backups vs Cyberattacks

    I was participating in a discussion forum on cybersecurity and critical data protection. One of the points that were brought up during the discussion was on the security of backups and whether these backups could themselves be subject to a cyberattack and Iím really interested in getting more insight on the subject.

    How can someone ensure the sanity of their backups? How can they make sure they havenít backed up a malware along with their data? Are there any tips or best practices for backup procedures?

  2. #2
    Junior Member
    Join Date
    Dec 2017
    Posts
    1
    Can backups be attacked?

  3. #3
    Junior Member
    Join Date
    Dec 2017
    Posts
    1
    Quote Originally Posted by sdawany View Post
    I was participating in a discussion forum on cybersecurity and critical data protection. One of the points that were brought up during the discussion was on the security of backups and whether these backups could themselves be subject to a cyberattack and Iím really interested in getting more insight on the subject.

    How can someone ensure the sanity of their backups? How can they make sure they havenít backed up a malware along with their data? Are there any tips or best practices for backup procedures?
    Hi @sdaway, this is a very interesting point and a valid concern. It is very difficult to prevent backing up malware that is dormant and you don't yet know is on you disk yet. In my company we have found that the best way to mitigate the risk of losing your data backup to infection is to keep extensive copies of your backups. By this I mean that one should not overwrite backups on a weekly basis, keep longer cycles. For example, at one of our clients, we had to go back as far as 2 months to find a clean backup set once they were hit by ransomware.

    Also, we keep a local copy of the backup onsite and a second copy in a off-site location. This helped us when another client was hit by ransomware, they kept on restoring devices that we being encrypted from the local backup store. The result was that the backup server then got hit and all local backups were encrypted. The off-site copy saved the day eventually.

    I hope this helps with answering your question.

  4. #4
    Junior Member
    Join Date
    Dec 2017
    Posts
    1
    I am sure that backups can and have been hacked, the actor could have backdoors that you backup in your backup.

  5. #5
    Junior Member
    Join Date
    Jan 2018
    Posts
    1
    A couple of thoughts.
    It depends on where in the network the backup data resides. Is the network segmented?
    Are the same login credentials used for both systems, live and backup?

  6. #6
    Junior Member
    Join Date
    Jan 2018
    Posts
    1
    Hi @sdawany this is a great topic given the rapid change of IT and the massive cyber threats that are now everywhere and infecting all parts of the datacenter. Specifically as it relates to B/U's it is true that backups can be infected! Especially if your b/u strategy consists of replicating data that could already be unknowingly infected. Hopefully your organization has done a BIA (business impact analysis) that identified the critical systems, networks and data and their criticality to business operations (ie. mission critical, business critical etc..). Additionally you should integrate your cybersecurity strategy with the BIA and other processes like your backup strategy. The goal is to always ensure that your assets (data in this case) remains highly available, remains protected (confidential & secure) and intact (integrity). When architecting a backup strategy you need to have a tiered backup plan that incorporates RPO (recover point objectives), RTO (recover time objectives) and MTD (maximum tolerable downtime) objectives. Once you have that figured out you need to test and scan your plan & data on a regular basis. I have found the most successful plans are those that have been designed from both an IT business perspective and those designed from a hackers perspective trying to breach your data. Another interesting fact is that the "hated" tape backups are now coming back in popularity given their "air gapped" status as being an off-line/off-site data storage media making it very difficult for a hacker to breach.

  7. #7
    Junior Member
    Join Date
    Nov 2017
    Posts
    6
    i think Data Backups is easy to attacked , But it's still better than not doing anything

Similar Threads

  1. loading critical patches for mission critical servers
    By mrlucifer in forum Microsoft Security Discussions
    Replies: 32
    Last Post: June 17th, 2006, 05:32 PM
  2. U.S. fears 'cyberattacks' by Chinese armed forces
    By Tedob1 in forum Miscellaneous Security Discussions
    Replies: 9
    Last Post: April 26th, 2002, 02:47 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •