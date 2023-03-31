On the occasion of the world day of backupadvice from Barracuda experts for an effective backup plan against hackers and threats of all kinds.

The latest search for Barracuda Networks shows that in 2022, only 52% of ransomware victims restored encrypted data through backup. In contrast, approximately one in three companies (34%) paid the ransom. For some, in fact, this represented the only chance to get their data back, either because they didn’t have adequate backup systems or because hackers had managed to access the backups and delete the files.

Locating, disabling, or deleting backup data is now an integral part of an attack ransomware. If in the plan of backup any security gap exists, attackers will find a way to exploit it.

Here are hackers’ favorite backup strategies, according to Barracuda:

High levels of access to backup software – The more people who can access backup software, the greater the risk that attackers will use stolen credentials with domain administration rights or other privileged access rights to infiltrate.

Network-attached backup systems – If a backup system is connected to the corporate network, hackers can move laterally, starting with the compromised endpoint, to locate and gain access to the backup software, and ultimately disable, remove, or purge the saved files.

Remote access to backup systems – If backup systems need to remotely connect to servers to save or manage data, a lax approach to password authentication can expose protected systems in the event credentials are stolen or discovered.

Infrequent backups – Even if you have an effective backup, running it infrequently means you risk losing days, weeks, or even months of data in the event of sudden recovery needs following a crisis.

Untested Backups – It might seem obvious, but you never know if a backup and restore process works until you test it.

An effective backup strategy

Here are some best practices to define a truly effective backup strategy, focused on security, but also on business continuity: