Significance Of Backups And Security. How To Protect from Cybercriminals

We often repeat, like a mantra, the need to secure company information. My longtime clients know how stubborn I get when it comes to backups, and in these conversations many of them respond with a question: but isn't tape very old?

We must make it clear that old does not have to mean obsolete. If it is useful, why discard that technology? In the age of the cloud, it seems that the solutions of yesteryear should not be used, and sometimes this comes from technological snobbery rather than any real reason. Why not use the means we have, even if they come from the technology of the last century? If it's useful, use it.

Ransomware attacks are becoming more frequent, more methodical and more exhaustive every day. Recent examples include Mapfre and Garmin, but attackers do not only target large companies and corporations; these attacks also hit SMEs and micro-companies.

I am going to describe a very recent case close to home, along with the suspicions about what the modus operandi was.

  • Infiltration. The first step is to look for loopholes and weaknesses: find the weakest part of the attack surface and exploit the vulnerability.
  • Espionage. Once inside, everything is easier. The attackers no longer look only for external weaknesses; it is time to collect the data needed to do the greatest possible damage. And what are they looking for? Everything, absolutely everything: all the infrastructure that can be attacked and the weaknesses it presents, where to plant the tools needed to obtain the right credentials, how to deploy their malware on the network so that it is as harmful as possible, the connections to other sites and information about other companies or subsidiaries in order to extend the attack, and the connections to the different public clouds in order to attack all the services available there. If you've read this far, I guess you're starting to get worried. And if not, you should be.
  • Coordination. Rome was not built in a day, and such an attack cannot be carried out effectively by one person.
  • Attack. Several colleagues believe that the most recent and notorious cases have occurred during the summer, when vigilance and staffing are at a minimum. The crooks do not take vacations. Although I think this point is at least debatable.

Well, in the case I am giving you as an example, only a few tape drives were spared. Whether because the attackers ran out of time or because they hit some insurmountable obstacle, the tapes were the only thing that withstood the attack. Even so, with a better tape strategy the damage would have been much less.

What about cloud backups? Well, as an idea in itself, it's a good one. But it can have a significant security hole if the attackers get the right credentials. Or do you think that a cybercriminal, once infiltrated, does not have the means to obtain a privileged account that can delete backups, snapshots or any other mechanism implemented to safeguard data and state?

How Can I Defend Myself If They Decide to Attack Me?

Of course, there are many manufacturers that offer a multitude of protection tools, although the cost of all of them together is probably not affordable for every company: user behavior analyzers, antimalware, firewalls, and any other enterprise solution.

So of course, if they are affordable, please deploy them. If not, let's stick to the basics, such as:

  • Awareness and training of our users.
  • Regular application of security patches to all of our systems, applications and hypervisors included.
  • Serious password change policy. In many companies the boss is the most dangerous, as he tends to resent having to change passwords on a regular basis.
  • A perimeter firewall, plus antivirus on user workstations and on the servers. These must be reviewed regularly: it is not enough to have them, you have to make sure they are kept up to date.

Do these four basics guarantee my protection? The answer is painful and blunt. No, not by a long shot. But if we do not even comply with these basic precepts, we give attackers the opportunity to aggravate the damage.

Personally, for the company that cannot make the same investments as a large company, I will continue to recommend any backup device that can be regularly rotated and exchanged for another. Call it tapes, USB sticks, or multiple NAS units that you alternately power on and off.

It is also worth mentioning that there are cloud alternatives in the form of immutable copies. In other words, I contract a space in the cloud in which I deposit the data; I can access it in read mode, but I will not be able to modify or delete that data until a given period of time has elapsed. As a solution for archiving backups or for data retention for legal reasons, it seems like a good option to me.

We will see how these types of attacks evolve, but a serious and orderly policy for performing backups, rotation and verification is increasingly necessary in our companies.
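
The rotation-and-verification policy recommended above, as an added Python example that is not part of the original article: it hashes the source at backup time, checks the copy on the rotated media against that manifest, and refuses to overwrite the next media in the rotation when the latest copy fails. The function names, the media labels A/B/C and the sample files are assumptions constructed for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def sha256_file(path):
    """Hash a file in chunks so large backup archives do not fill memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify_copy(manifest, copy_root):
    """Compare a backup copy with the manifest recorded at backup time."""
    found = build_manifest(copy_root)
    return {
        "missing": sorted(set(manifest) - set(found)),
        "altered": sorted(f for f in set(manifest) & set(found)
                          if manifest[f] != found[f]),
        "unexpected": sorted(set(found) - set(manifest)),
    }

def slot_to_overwrite(run_number, slots, report):
    """Round-robin over the media, but never overwrite an older copy
    while the most recent copy fails verification."""
    if any(report.values()):
        return None
    return slots[run_number % len(slots)]

def demo():
    """Constructed sample: two files are backed up, then the copy is damaged."""
    with tempfile.TemporaryDirectory() as tmp:
        src, copy = Path(tmp, "data"), Path(tmp, "media_A")
        src.mkdir()
        (src / "ledger.csv").write_text("id,amount\n1,100\n")
        (src / "clients.txt").write_text("constructed sample\n")
        manifest = build_manifest(src)   # store this away from the backup media
        shutil.copytree(src, copy)
        (copy / "ledger.csv").write_bytes(b"\x00garbled")  # content replaced
        (copy / "clients.txt").unlink()                     # file removed
        (copy / "README_RESTORE.txt").write_text("note")    # file added
        report = verify_copy(manifest, copy)
        return report, slot_to_overwrite(3, ["A", "B", "C"], report)
```

Keeping the manifest somewhere other than the backup media matters: a copy that can only be checked against data stored beside it proves nothing if both were altered together.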
