Backups The New Malware Target

8 October 2019
Justin Warren

A spate of ransomware attacks on healthcare companies this past week, both in the USA and in Australia, highlights the need for robust data protection once again.

These days it's not even enough to just have backups, as some ransomware variants are—I am told—actively targeting the backup systems themselves, and thus robbing customers of an effective recovery option. The backup systems themselves need to be resilient again malware infections, and a variety of data protection vendors are investing in this direction.

Mid-market backup vendor Arcserve has announced a partnership with Sophos to provide malware scanning on its products, helping to keep the data safe from infection, and also to provide early warning of potential threats.

Sam Roguine, Director, Solution Marketing and Enablement at Arcserve
Sam Roguine, Director, Solution Marketing and Enablement at Arcserve

“There are multiple versions of ransomware that delete very specific backup types,” says Sam Roguine, Director, Solution Marketing and Enablement at Arcserve. “Often the ransomware goes after the backups before it starts encrypting.”

By including Sophos' security products on the Arcserve appliance itself, Arcserve is able to detect and stop a ransomware attack on the backup infrastructure itself, preserving the ability to recover from an attack if it should manage to bypass other protections in the environment.

Multiple other data protection vendors have been adding anti-malware protections into their products as well. Carbonite recently acquired security vendor Webroot and Carbonite is adding Webroot's malware protection capabilities into its products.

Tim Sheahen, Senior Director of Sales at Carbonite
Tim Sheahen, Senior Director of Sales at Carbonite

“We're seeing a trend of bad actors trying to get into the backup systems,” says Tim Sheahen, Senior Director of Sales at Carbonite. “We're putting measures in place to make sure those are protected.”

Malware is some of the best advertising data protection companies could have wished for, though it's a form we'd all prefer didn't exist.

Good backups (or robust disaster-recovery/business-continuity systems) provide a solid and proven way to recover if you're unlucky enough to get hit with malware. Too often data protection is an afterthought, a particularly boring kind of insurance that no one wants to think about.

Until, quite suddenly, it's the very opposite of boring.

Dealing with a ransomware attack is the kind of exciting you really don't want to experience. While it's easy to look at what should have been done to protect yourself in hindsight, it can be hard to prioritise when the daily grind makes so many demands of both executives and IT.

This is an explanation, but it's not an excuse.

While every lazily written post-breach press release loves to include the clichéd phrase “we take security seriously” the time to do that is before you get infected. Increasingly that means making sure you have working and tested data protection systems. This has always been true, but the threat of ransomware isn't going away. There is too much money to be made, and people respond to incentives.

There is a day, out there in the future somewhere, when ransomware will come knocking at your door.

If that horrible day ever arrives, I hope you did the work to make it as boring as possible.

See Also

Related items

Veeam Gears Up For Enterprise Growth

16 May 2018

Veeam alters its pitch to enterprise customers and tries to sell the C-suite on its vision of the future.

Commvault Says Game On With New Hyperscale Appliance

19 October 2017

Commvault’s new HyperScale product embraces the scale-out approach of Rubrik and Cohesity. How long will the others take to catch up?

Veeam Goes Hard After The Enterprise

17 May 2017

Veeam is aggressively going after the enterprise as it transitions from an SMB focused company. But it risks losing its soul in the process.