Ransomware: It's Coming For Your Backup Servers
Networkworld, December 14th, 2022
Compromised backup servers can thwart efforts to restore damage done by ransomware and give attackers the chance to extort payments in exchange for keeping sensitive stolen data secret.
Backup and recovery systems are at risk for two types of ransomware attacks: encryption and exfiltration - and most on-premises backup servers are wide open to both. This makes backup systems themselves the primary target of some ransomware groups, and warrants special attention.
Hackers understand that backup servers are often under-protected and administered by junior personnel that are less well versed in information security. And it seems no one wants to do something about it lest they become the new backup expert responsible for the server. This is an age-old problem that can allow backup systems to pass under the radar of sound processes that protect most servers.