February 08, 2021
How MSPs Can Prepare for Attacks on Client Backups
For years, backups have been relied upon as the redeeming factor for business-critical data following a data-loss scenario like a ransomware attack or human error. More recently, managed service providers (MSPs) have seen their small and medium business (SMB) clients face an attack on their backups, too.
By definition, a hacker is a malicious actor who looks for weaknesses in computer systems, applications, and networks to compromise the associated systems and/or steal data. With regards to backup, hackers are increasingly looking at vulnerabilities in both backup software, backup files, and the systems on which backup data is stored.
Backup software solutions, by nature, require a high level of access to files, systems, virtual machines, databases, and other aspects of a computing environment. Hackers have been known to steal a backup administrator’s credentials as a backdoor to access systems and data.
Backup files can be targets simply because backup file extensions, e.g. .BAK, are easy to find. Hackers may gain access to the backup software and either turn off or delete the backup files.
It isn’t uncommon for backups to be encrypted. However, if an attacker gains access to this key, they have the ability to read the backup and/or change the key to make the data inaccessible. That’s why it is essential to follow backup encryption key best practices such as storing the key on a separate machine, physically secure that machine, etc.
These are just a few of the risks backups face in the current cybersecurity landscape. To learn how to prepare your SMB clients for experiencing compromised backups, read our full eBook, Backup Under Attack: Protecting Your Last Line of Defense.