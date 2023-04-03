On World Backup Day, Martin Zugec, Technical Solutions Director di Bitdefender talks about the importance of duplication and data protection.

An infected backup can lead IT administrators to inadvertently restore cybercriminal access to previously attacked systems. Technology solutions, such as Extended Detection and Response (XDR), help detect complex attacks and threat behaviors early in multiple environments

“World Backup Day” it’s a chance to remind businesses of the importance of backing up data and having faster reaction times, as ransomware attacks continue to evolve globally. Historically, backups weren’t designed to manage or protect against malicious actions, such as cyberattacks or intentional deletion of data. In fact, backups were created as a recovery tool in the event of accidental data loss, hardware failure, and other unexpected events.

Cybercrime

Organized crime groups operating through the distribution of ransomware take every possible ploy to prevent their victims from restoring the encrypted data. We are seeing an increase in attacks targeting Volume Shadow Copies or infecting backups later in the campaign. An infected backup can lead IT administrators to inadvertently restore cybercriminal access to previously attacked systems.

The latest technological solutions, such as theExtended Detection and Response (XDR)help detect complex attacks early by correlating threat events and behaviors across multiple environments to help stop criminals before they can encrypt data for ransom and/or exfiltrate it for extortion.

Multi-level security

It is a layered security solution that minimizes the attack surface and uses automated controls to block most security incidents. Identity access management (IAM) will continue to play an equally critical role. A single hijacked user account can compromise all backups, regardless of their location. While it’s recommended to follow the classic 3-2-1 rule of three copies of data on two different media and one copy off-site for disaster recovery, this is no substitute for a solid cybersecurity solution.