Security

Ordinary Data Backups Are Not Enough Against Ransomware Attacks

Cybercriminals are finding pathways to organizations’ backups and encrypting those too. That’s why businesses need immutable storage.

Jason McCleery

Jason McCleery is a hybrid infrastructure senior adviser working with CDW's integrated technology services.

Ransomware is the biggest problem in cybersecurity today. According to research by Veeam, for example, 76 percent of organizations suffered at least one cyberattack in 2021, and organizations that were attacked said they had been able to recover only 69 percent of their data on average.

The traditional advice for getting ahead of ransomware attacks is to keep updated backups stored offline and to test them often so that your data is never fully at the mercy of a cybercriminal.

While backing up data is still a vital safeguard, it is not enough. Sophisticated threat actors have learned to seek out pathways to those backups after breaching an organization’s network. Although most organizations know that it’s important to maintain backups separate from the main network, some fail to do this adequately, leaving an opportunity for the threat actors to strike.

Why Small Businesses Need Immutable Storage

Not long ago, many organizations would back up their data on tape that was “write once, read many,” meaning you could put data onto the tape and read data from the tape, but you couldn’t change or erase the data once it was there. Some organizations still use tape as one method of data storage.

Today, organizations can take advantage of a modern version of those write-once, read-many backup tapes. Immutable storage allows organizations to store their data in a way that cannot be hijacked, deleted, altered or corrupted by anyone — even by authorized administrators — for a period of time set by an organization.

Immutable storage uses the S3-compatible objects protocol, in which data is broken down into “objects” kept in separate storehouses, bundled with associated metadata and a unique identifier to form a storage pool. That’s distinct from more traditional file storage, in which data is kept as a single piece of information in a folder.

A most common way for organizations to access immutable storage is via major cloud platforms such as Amazon Web Services, Microsoft Azure and Google Cloud Platform. Businesses also deploy solutions such as Veeam, Acronis, Commvault and Veritas.

There are costs associated with using immutable backups, but those costs pale in comparison with the costs that come with a successful ransomware attack, whether it comes in the form of a ransom payment, lost data or both.

The amount that an organization will pay for immutable storage depends on the amount of data and the length of time it is stored. Some organizations require it for just a few weeks, while others may need it for a year or longer. After that, organizations can shift down to less expensive data archive options.

Every Business Needs a Backup Strategy

Unfortunately, many small businesses continue to believe that they are small enough to escape cybercriminals’ notice. In reality, threat actors are simply looking for an easy payday, and usually access networks through mass-delivered phishing emails aimed at employees who might carelessly click on a link.

UP NEXT: How to keep ransomware at bay with an effective backup strategy.

“Even with the global awareness of ransomware and malware, plus the ever-increasing vigilance of IT teams, the most common entry point for ransomware continues to be users accidentally clicking malicious links, visiting insecure websites or engaging with phishing emails,” the Veeam report notes.

Employees at companies of every size are vulnerable to making such mistakes. That’s why it’s important that every business has a comprehensive backup strategy, meaning that data should be stored immutably for some period of time, and that the business should maintain the same security protocols with its backups as it does with the rest of its data.

This article is part of BizTech's AgilITy blog series. Please join the discussion on Twitter.