Immutable storage subversion attacks can present a severe threat to backup data says Asigra
- Published: Friday, 30 October 2020 09:54
Asigra, Inc., has released a statement emphasizing the ‘importance of cybersecurity-enabled backup and recovery with software integrated step-up multi-factor authentication (‘Deep MFA’)’. The company says that this is increasingly important as immutability storage subversion attacks expose corporate backup repositories to hackers using stolen backup operator and administrator login credentials, leading to maliciously re-configured settings within the backup application and preventing successful data recovery operations.
Asigra says that:
- In the infancy of ransomware, backup data provided a means to recover criminally encrypted or stolen data to maintain business operations. However, with the continuing evolution of these sinister cyber threats, backup data has become the target of choice as hackers prevent viable recoveries after such events. By obtaining backup administrator login credentials through keylogging, phishing and other means, more advanced ransomware attacks are circumventing multi-factor authentication, allowing easy access to some of the most sensitive and important organizational data.
- Immutability subversion attacks often occur because application-specific MFA has not been applied to the organization’s backup software. The approach takes user authentication to a higher level, where the system requires user credentials for any critical function that could compromise a recovery. Also known as Deep MFA, it provides protection to secure policy settings and controls that prevent backup data deletions or malicious encryption resulting from ransomware detonation.
“The poor or no coordination between backup and security teams attracts threat actors who prey on backup environments that are not adequately protected,” said Eran Farajun, EVP, Asigra. “You win when you’re not worth hacking. Backup software with integrated Deep MFA enabled cybersecurity and ransomware attack-loop mitigation helps managed service providers and their enterprise customers significantly raise the cost and effort for hackers who then move to easier opportunities.”