maxkabakov - Fotolia
The surge in remote working resulting from the new coronavirus pandemic has sparked a flurry of cybercriminal activity. Evaluator Group's recent study, "Enterprise IT Responds to COVID-19," found that security, data protection and disaster recovery are the IT areas most likely to get a boost as a result of the pandemic over the next six months.
In the words of one IT professional, "We're in the open. Hackers and bad actors are in the dark, always trying something new. Our job is to defeat them every time."
One way to do that is with solid backups. Especially in the middle of a crisis, the need to protect backup data becomes a critical mission.
Coronavirus-related cyberattacks on the rise
The pandemic has provided bad actors with a global climate of fear to prey on. Phishing has risen, particularly in the form of email content that appears to come from a respectable source and allegedly claims to have information pertinent to COVID-19. The phishers hope to install ransomware or other malicious software, or steal credentials to gain access to corporate databases or data stores.
Bad actors also deploy fake VPNs and have made efforts to exploit vulnerabilities in VPNs and other tools for remote connectivity. Hackers enact advanced persistent threats and target mobile devices as well. For example, certain Android applications claim to monitor COVID-19 symptoms or occurrences but contain spyware or other malware in disguise.
Extortion of healthcare, medical research and manufacturing organizations has been reported, as have numerous other scams and cybercriminal activities. Attacks change constantly, so it is important to maintain vigilance and continue to educate yourself.
Best practices to protect backup
Coronavirus-related cybercrime doesn't necessarily create new backup requirements, but it does highlight the importance of best practices. Immutability -- including write-once, read-many backup -- helps to preserve data integrity because immutable data cannot be erased or overwritten.
Creating and enforcing retention policies helps to ensure that no one can maliciously erase files, while air-gapping can prevent hackers from accessing retention data. You should also encrypt data both at rest and in flight, as well as use data management best practices, including encryption key rotation and support for the Key Management Interoperability Protocol.
IT professionals can help protect backup environments from ransomware by using tools that monitor for anomalies. You should also run diagnostics on your backup environment and regularly test it to ensure confidence in recoverability and to determine the last-known good backup copy.
Why is it important to protect backup?
Protecting backup data is critical for two major reasons. A healthy backup environment determines the available recovery point objectives for the production environment. And so-called "sleeper" ransomware -- an attack designed to slowly infiltrate the backup environment -- causes long-term problems for organizations.
Backup recoverability improves data safety for all businesses. In the current climate, it's not a question of "if" an organization could face an attack, but "when."
In part two of this two-part series, learn how the cloud can be a good choice for your remote backup.