Ransomware attacks are up sharply during the coronavirus pandemic, with researchers identifying nearly 80 million such attacks during the first half of 2020 — a 109 percent increase from 2019’s midyear total. In a particularly concerning trend, many of these attacks are now targeting backup data in addition to primary data.
Robust backup practices have always represented the best defense against ransomware by ensuring that files can be reliably accessed in the event of an attack that encrypts files and blocks access until a ransom is paid. However, cybercriminals are now neutralizing this defense with attacks that target legacy backup storage devices.
Analysts say malicious actors are scanning IP addresses looking for network-attached storage (NAS) and other backup devices connected to the network. Once they find these devices, they exploit firmware vulnerabilities to install malicious payloads that encrypt the data on all media connected to the backup devices. That leaves victims with little choice other than to pay the ransom.
This new tactic makes backup modernization an urgent priority. Analysts say nearly half of U.S. businesses still rely on outdated technologies and processes that were designed for conventional on-premises backup. These practices are ill-suited for today’s environment, where data is often spread across multiple data centers, cloud platforms and endpoint devices.
Leveraging the Cloud
Cloud and hybrid backup solutions with increased automation and data-reduction technologies should be part of any modernization effort. Pure cloud backup involves copying data directly to a provider’s cloud infrastructure through agents installed locally on company computers and user devices. In a hybrid cloud backup approach, data is copied to an onsite appliance which in turn synchronizes the data to a cloud provider. Either approach allows you to easily restore data in the event of a ransomware attack.
Cloud backup makes it easier for organizations to adopt the “3-2-1” data protection strategy that is considered to be an industry best practice. This approach calls for you to make three separate copies of data, store two of them on different types of media, with one located at an offsite location. Having at least one copy isolated in the cloud or in an offsite location provides an important safeguard against threats targeting onsite backups.
Increased automation is another valuable feature of cloud backup. Complex and time-consuming manual backup processes are a burden on IT staff, which can lead to significant gaps in data protection strategies. Up to a third of organizations say they only back up data intermittently because the process is so complicated. That would leave them without access to current data in the event of a ransomware attack.
Cloud-based platforms eliminate much of the management burden. Backups occur automatically on a scheduled basis, and data is automatically compressed, deduplicated and encrypted. Automated testing features also ensure that all data and applications can be recovered if there is a disruption.
While the cloud offers significant security and management benefits, it can also introduce complexity in some areas. For example, bandwidth consumption during cloud backups can sometimes impact application performance. Searching and recovering data in the cloud can be difficult and time consuming.
Organizations with limited manpower and expertise may be better served with a managed backup service. A qualified provider will reduce your staffing burden by orchestrating backup processes while also managing security and recovery. The provider will also test backups frequently to ensure they are working properly and readily available in the event of an attack or some other disaster.
With ransomware attacks now targeting legacy backup technologies, backup modernization has become a business imperative. SSD’s managed cloud backup solution is designed to help you improve business resiliency by reducing your dependence on outdated backup processes that are increasingly vulnerable.