How do you know if your local or cloud-based data backups are reliable? Maybe they were yesterday – but are they today? All too often, we at ITFirm.com perform ‘Discovery’ on a prospective client’s network and find backups set up incorrectly, and/or that the backup data is corrupted and unusable.
A good Managed Services Provider (MSP) will have a schedule for regular testing and data retrieval of your backups. Perhaps they do this once a month – does that mean you and your backups are safe? For the day of testing, yes, but any day after that? Maybe, maybe not – it’s not an issue you can take on faith.
The more sophisticated Ransomware crooks have been launching pre-emptive strikes against a company’s data backups in order to cripple them. This is done in tandem with, but just prior to, the actual Ransomware attack which encrypts the data and locks up monitor screens.
Any quality IT professional knows that the route to a speedy recovery after a Ransomware attack is to stem the virus, wipe any infected devices and reinstall the data from secure backups. If the backups have been destroyed, the business owner then has no option but to pay the ransom.
This tactic is as old as warfare on Earth: launching pre-emptive strikes crippling an adversary’s ability to fight back. During the Battle of Britain, Germans attacked British airbases first. Pearl Harbor removed the possibility of the United States Pacific Fleet interfering immediately as Japan continued their widespread aggressions, which had previously been confined to China and other Southeast Asian mainland countries.
This principle also applies to your data backups. This pre-attack methodology is used by sophisticated, high-level hacking concerns such as the Conti organization, known for a massive attack on Costa Rica and publicly announcing their support for Russia (which is believed to be their base of operations) in the invasion of Ukraine.
The website Ransomware notes:
“Remember that a sophisticated ransomware organization has personnel that know your backup systems probably better than you do. A case in point is the infamous Conti organization, known for its backup-removal expertise—it actively recruits talent specifically trained in knowing how to destroy backup systems.
For instance, Conti has exceptional knowledge of Veeam, a popular backup system commonly used in VMware environments. The group attempts to exfiltrate data from the backups before damaging them.”
The pre-emptive attacks on backups are performed by yet another specialized branch of these high-level criminal organizations – and they spend a lot of money on Research & Development (R&D) to improve their malware strains and find new vulnerabilities through which to attack their victims.
These are not muggers or street thugs. They are highly organized and professional – more akin to James Bond’s ‘Spectre’ (without nuclear weapons… we hope) than they are a car theft ring. If you are forced to play ‘catch-up’ ball with these criminals, you have already lost. It is critical that extra steps are taken to safeguard your backups.
Take a look at this sample timeline scenario (dates are arbitrary):
August 1: your IT Services provider tests your backup system, retrieving random files to ensure that everything is working correctly – and your backups pass with flying colors.
August ? (Attack Day): Cyber criminals who have been stalking your network and sending out preliminary phishing emails have gotten an untrained or unaware end-user to click a malicious link or attachment. This releases Ransomware into your system, BUT – rather than immediately encrypting your data, locking you out of the network, and demanding a ransom, the malware quietly goes on its way – first copying and stealing your data (an extra opportunity for extortion), then destroying your backups or your ability to access them.
Now you have to pay the ransom or face the very high and very real probability of losing your enterprise completely – typically, within six months.
What is the most effective data backup?
The basic premise of a reliable Backup & Disaster Recovery plan is to create at least three copies of your data, in at least two storage formats – with one copy located offsite – specifically in the cloud. Backups are not to be confused with your local network data storage where data is accessible for everyday work. ITFirm.com recommends these three backup systems:
Local Backup
Cloud Backup
Cloud to Cloud Backup
Local backups, which should be separate from your working network, will get you up and running much quicker than Cloud Backups, which are a necessary backstop. Restoring data from the cloud is time-consuming, so a local backup which is not connected to the network (so no malware can invade it) is the fast answer to maintain Business Continuity and productivity.
The best overall strategy is to incorporate Cybersecurity Mesh – simply described as layered Cybersecurity perimeters within perimeters – into all areas of your cyber-defenses. For ‘Lord of the Rings’ fans, think of it as the seven defensive levels of Minas Tirith. Without Cybersecurity mesh, any intruder who enters the system has free rein to go anywhere.
Aside from creating rings of defenses with your data and backups at the center, this is the time to make sure you have a top-notch MSP firm to set up your backups – especially the independent local backups. This type of defensive strategy MUST have ironclad built-in redundancies.
Frequently Asked Questions
Why is it important to test backups?
A: Because you must be able to count on them if disaster strikes. ITFirm.com has been called in when an inept IT person has incorrectly set up the cloud backup system – and after an attack, the data cannot be retrieved. All the more reason not to go ‘bargain basement’ on cheap, uncertified ‘IT guys.’
How do you test integrity of a backup?
A: In simple terms, you retrieve your backup file, open it on a separate system, and then compare the retrieved file to the original. If it doesn’t match, there is a problem to be solved.
What's the difference between cloud storage and cloud backup?
A: The difference is Cybersecurity. Storage itself simply stores and makes data readily accessible. None of the major cloud services providers, such as Microsoft Azure, guarantee your data – that is still up to the user to do. Cloud backup safeguards the data with security measures in place.
Is OneDrive a cloud backup?
A: Yes. It automatically backs up your data to the OneDrive cloud.
Is your network secure?
As a longstanding, reputable member of the Charlotte IT Support community, ITFirm.com offers a FREE, no-risk network and security assessment. We perform a non-intrusive scan that allows us to deliver a comprehensive report of the state of your system and its vulnerabilities that is yours to keep. There are no strings attached, and you are under no obligation to ever use our IT Services.
The two best defenses are next-generation Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider to ensure continued reliability and defenses against newly emerging threats.
We put our 100% Money Back Guarantee in writing, so there is no risk in trying us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.