News Storage & Backup

Immutable Storage Subversion Attacks Present Severe Threat to Unprotected Backup Data

Asigra emphasized the importance of cybersecurity-enabled backup and recovery with software integrated step-up multi-factor authentication (AKA: Deep MFA). This is increasingly critical as immutability storage subversion attacks expose corporate backup repositories to hackers using stolen backup operator and administrator login credentials, leading to maliciously re-configured settings within the backup application and preventing successful data recovery operations.

“The ransomware protection market size is expected to grow to USD $17.36 Billion by 2021, at a Compound Annual Growth Rate (CAGR) of 16.3%,” noted analysts in a new report by MarketsandMarkets. “Ransomware is a predominant cyber threat that installs on the victim’s computer either encrypting the files or locking the entire system, until a ransom is paid. As result, organizations have increased investments in securing the data, network, and endpoints from crypto-malwares such as ransomware and other advanced cyber threats.”

In the infancy of ransomware, backup data provided a means to recover criminally encrypted or stolen data to maintain business operations. However, with the continuing evolution of these sinister cyber threats, backup data has become the target of choice as hackers prevent viable recoveries after such events. By obtaining backup administrator login credentials through keylogging, phishing and other means, more advanced ransomware attacks are circumventing multi-factor authentication, allowing easy access to some of the most sensitive and important organizational data.

Immutability subversion attacks often occur because application-specific MFA has not been applied to the organization’s backup software. The approach takes user authentication to a higher level, where the system requires user credentials for any critical function that could compromise a recovery. Also known as Deep MFA, it provides protection to secure policy settings and controls that prevent backup data deletions or malicious encryption resulting from ransomware detonation.

“The poor or no coordination between backup and security teams attracts threat actors who prey on backup environments that are not adequately protected,” said Eran Farajun, EVP, Asigra. “You win when you’re not worth hacking. Backup software with integrated Deep MFA enabled cybersecurity and Ransomware Attack-Loop mitigation helps managed service providers and their enterprise customers significantly raise the cost and effort for hackers who then move to easier opportunities.”

Related posts

Sachin Joins Protiviti India Member Firm


OpenText Acquires Pillr


Infor GenAI and ESG Reporting Capabilities launched