{"id":5835,"date":"2018-06-22T02:43:46","date_gmt":"2018-06-22T01:43:46","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5835"},"modified":"2021-07-12T14:29:35","modified_gmt":"2021-07-12T13:29:35","slug":"how-safe-are-your-backups","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups","title":{"rendered":"How Safe Are Your Backups?"},"content":{"rendered":"<p>It may seem like a silly question, as backups are never traditionally thought of as being at risk. It stems back to a time when backups were on tape\u2014a medium that would be tough for even the most skilled developer to hack into. But today\u2019s backups are stored (whether on-prem or in the cloud) on disk\u2026 or more specifically, files in a file system. Depending on how accessible that file system is, your backups themselves may be at risk.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg\" alt=\"ransom_pay_backup.jpg\" width=\"415\" height=\"205\" align=\"left\" hspace=\"right\" data-entity-type=\"\" data-entity-uuid=\"\" \/>It\u2019s far more likely they\u2019d be at risk of attack from ransomware than anything\u2014if for no other reason than the benefit to the cybercriminal: If they can encrypt your backups (along with production data), you\u2019d have no other recourse\u00a0<em>but<\/em>\u00a0to pay the ransom, no matter how high. The only other instance I can think of when backups would be important to an attacker is in the case of data manipulation or data destruction, if they were intent on prohibiting you from putting data back into a known good state, destroying backups could be a strategic move.<\/p>\n<p>Take the following examples of malware and think about how backup data could be accessed:<\/p>\n<ul>\n<li><b>SynoLocker<\/b><br \/>\nThis purpose-built ransomware took advantage of a specific vulnerability found on Synology NAS devices and encrypted the contents.<\/li>\n<li><b>EternalBlue<\/b><br \/>\nThis code leverages SMB connections to spread malware across multiple Windows endpoints.<\/li>\n<li><b>Locky<\/b><br \/>\nThis ransomware-traversed mapped network shares to find content to encrypt.<\/li>\n<\/ul>\n<p>While none of these specifically are examples of\u00a0<em>backups<\/em>being encrypted, the point is,\u00a0<em>if your backups are accessible to any endpoint (and they are), they are at risk<\/em>.<\/p>\n<p>First off, if you\u2019re thinking\u00a0<em>\u201cI\u2019m safe, my backups are encrypted,\u201d<\/em>\u00a0you\u2019re missing the point. Attackers aren\u2019t trying to\u00a0<em>access<\/em>\u00a0your backups; they\u2019re trying to\u00a0<em>take away your ability to use your backups<\/em>.<\/p>\n<p>So, how do you protect your backups?<\/p>\n<h3>Keeping Backups Safe<\/h3>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/backup_safe.jpg\" alt=\"backup_safe.jpg\" width=\"409\" height=\"202\" align=\"right\" hspace=\"right\" data-entity-type=\"\" data-entity-uuid=\"\" \/>Your mindset should be one of security here. The goal is to protect a data set that is the foundation for protecting every other data set in your organization. The following steps (although not an exhaustive list) could put your organization in a good position to help ensure backups aren\u2019t inappropriately accessed or manipulated.<\/p>\n<ol>\n<li><b>Implement least privilege<\/b><br \/>\nTo affect your backups, an attack needs to have access to them in the first place. Limit the number of accounts that have access to backup data, restricting the use of those accounts to only backup-related processes (e.g. don\u2019t use\u00a0<em>Administrator<\/em>\u00a0to perform your backups, as you may log on with those credentials on another system that is already infected with, say, a keylogger).<\/li>\n<li><b>Isolate your backups<\/b><br \/>\nEliminating the ability for any inbound connections would be a smart start. Set up firewall rules to allow the server performing the backups to operate so that an outbound connection needs to be established with the system being backed up, but no inbound sessions are initiated.<\/li>\n<li><b>Maintain multiple copies<\/b><br \/>\nProtecting your backups gives new life to the \u201c3-2-1 Backup Rule\u201d (3 copies of your data, 2 different mediums, 1 off-site). If you\u2019re an on-prem backup show, consider going hybrid cloud or cloud-first instead and maintain backups securely in the cloud. If you\u2019re copying data to the cloud as part of a backup job\u2014so, should the on-prem data be manipulated or tampered with in any way, that isn\u2019t copied to the cloud.<\/li>\n<\/ol>\n<p>If you\u2019re not taking these kinds of proactive steps, your backups are potentially at risk. Cybercriminal organizations are becoming more sophisticated in their tactics, looking for ways to ensure their attacks are successful. So, it\u2019s natural to conclude that if removing backups as an option for their prey is beneficial to the attacker, they\u2019re going to look for ways to make that happen.<\/p>\n<p>By putting the three steps above in place, you can help reduce the likelihood of your backups being a target, and increase your organization\u2019s ability to recover from an attack.<\/p>\n<p>&nbsp;<\/p>\n<p><b>Additional reading:\u00a0<\/b><\/p>\n<ul>\n<li><a href=\"https:\/\/www.n-able.com\/blog\/step-step-guide-backup-strategy-small-business\" target=\"_blank\" rel=\"noopener\">A step-by-step guide to backup strategy for small business<\/a><\/li>\n<li><a href=\"https:\/\/www.n-able.com\/blog\/understanding-bandwidth-throttling-backup\" target=\"_blank\" rel=\"noopener\">Understanding bandwidth throttling for backup<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><em>Nick Cavalancia has over 20 years of enterprise IT experience and is an accomplished executive, consultant, trainer, speaker, and columnist. He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange\u00a0and other Microsoft technologies. Nick has also held executive positions at ScriptLogic, SpectorSoft\u00a0and Netwrix\u00a0and now focuses on the evangelism of technology solutions.<\/em><\/p>\n<p><em>Follow Nick on Twitter\u00a0at\u00a0<a class=\"ext\" href=\"https:\/\/twitter.com\/nickcavalancia\" target=\"_blank\" rel=\"noopener noreferrer\">@nickcavalancia<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Most companies assume their backups aren\u2019t actually at risk, warns Nick Cavalancia, but that can be a chink in your armor you don\u2019t want to leave vulnerable.<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5835","post","type-post","status-publish","format-standard","hentry","topic-backup-disaster-recovery"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>How Safe Are Your Backups? - N-able<\/title>\n<meta name=\"description\" content=\"Most companies assume their backups aren\u2019t actually at risk, warns Nick Cavalancia, but that can be a chink in your armor you don\u2019t want to leave vulnerable.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How Safe Are Your Backups? - N-able\" \/>\n<meta property=\"og:description\" content=\"Most companies assume their backups aren\u2019t actually at risk, warns Nick Cavalancia, but that can be a chink in your armor you don\u2019t want to leave vulnerable.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-22T01:43:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-12T13:29:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg\" \/>\n<meta name=\"author\" content=\"Guest\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Guest\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"4\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups\"},\"author\":{\"name\":\"Guest\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7\"},\"headline\":\"How Safe Are Your Backups?\",\"datePublished\":\"2018-06-22T02:43:46+01:00\",\"dateModified\":\"2021-07-12T13:29:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups\"},\"wordCount\":751,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg\",\"articleSection\":[\"Backup &amp; Disaster Recovery\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups\",\"url\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups\",\"name\":\"How Safe Are Your Backups? - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg\",\"datePublished\":\"2018-06-22T02:43:46+01:00\",\"dateModified\":\"2021-07-12T13:29:35+00:00\",\"description\":\"Most companies assume their backups aren\u2019t actually at risk, warns Nick Cavalancia, but that can be a chink in your armor you don\u2019t want to leave vulnerable.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#primaryimage\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Backup &amp; Disaster Recovery\",\"item\":\"https:\/\/www.n-able.com\/de\/blog\/category\/backup-disaster-recovery\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How Safe Are Your Backups?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/de#website\",\"url\":\"https:\/\/www.n-able.com\/de\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/de?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/de#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/de\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7\",\"name\":\"Guest\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"caption\":\"Guest\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How Safe Are Your Backups? - N-able","description":"Most companies assume their backups aren\u2019t actually at risk, warns Nick Cavalancia, but that can be a chink in your armor you don\u2019t want to leave vulnerable.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups","og_locale":"de_DE","og_type":"article","og_title":"How Safe Are Your Backups? - N-able","og_description":"Most companies assume their backups aren\u2019t actually at risk, warns Nick Cavalancia, but that can be a chink in your armor you don\u2019t want to leave vulnerable.","og_url":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2018-06-22T01:43:46+00:00","article_modified_time":"2021-07-12T13:29:35+00:00","og_image":[{"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg","type":"","width":"","height":""}],"author":"Guest","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Verfasst von":"Guest","Gesch\u00e4tzte Lesezeit":"4\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups"},"author":{"name":"Guest","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7"},"headline":"How Safe Are Your Backups?","datePublished":"2018-06-22T02:43:46+01:00","dateModified":"2021-07-12T13:29:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups"},"wordCount":751,"publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"image":{"@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#primaryimage"},"thumbnailUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg","articleSection":["Backup &amp; Disaster Recovery"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups","url":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups","name":"How Safe Are Your Backups? - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/de#website"},"primaryImageOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#primaryimage"},"image":{"@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#primaryimage"},"thumbnailUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg","datePublished":"2018-06-22T02:43:46+01:00","dateModified":"2021-07-12T13:29:35+00:00","description":"Most companies assume their backups aren\u2019t actually at risk, warns Nick Cavalancia, but that can be a chink in your armor you don\u2019t want to leave vulnerable.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups"]}]},{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#primaryimage","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/blog\/2018\/06\/ransom_pay_backup.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/de\/blog\/how-safe-are-your-backups#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Backup &amp; Disaster Recovery","item":"https:\/\/www.n-able.com\/de\/blog\/category\/backup-disaster-recovery"},{"@type":"ListItem","position":2,"name":"How Safe Are Your Backups?"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/de#website","url":"https:\/\/www.n-able.com\/de","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/de?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/de#organization","name":"N-able","url":"https:\/\/www.n-able.com\/de","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7","name":"Guest","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","caption":"Guest"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/5835","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/comments?post=5835"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/5835\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/media?parent=5835"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}