What to expect in 2023 when it comes to backup & storage security. The rise of ransomware attacks, data storage hacks, and cases of erasing immutable data in 2021 caused cyber storage to gain more attention in the media. The “business value” of data continues to increase with the escalation of these kinds of attacks. That’s probably one of the main reasons data breaches are still one of the biggest cybersecurity threats.
Furthermore, hackers are aware that most organisations’ backup and storage systems are still vulnerable. continuitysoftware.com conducted surveys last year that showed 16 security misconfigurations on average in enterprise storage devices – three of which were critical.Data storage and backup education still needs improvement.
1. Cybercrime targeting data will become more sophisticated and costly
Cybercriminal groups are still able to innovate and adapt to new technology faster than organisations. As a result, we can expect more attacks in 2023, especially ransomware, as well as an increase in average incident costs.
Ransomware is not the only threat supply-chain attacks pose. These attacks infiltrate customers, employees, and partners by compromising an organisation’s code. In addition to manipulating records at the record level, they could also exfiltrate funds. As a result, supply chain attacks can cause widespread economic disruption.
The scope of cybercrime attacks will also expand. It is not only your endpoints and servers that will be targeted by modern criminal groups, but also the central storage systems and the backup infrastructure that support them.
As a result of successfully infiltrating these new targets, they are able to:
- Destroy or alter backups (including off-site cloud copies and immutable storage) completely to thwart recovery efforts;
- A single storage or backup system is capable of storing petabytes of data;
- Most modern threat intelligence systems and Data Loss Prevention (DLP) systems attempt to detect the attacker.It is actually possible for hackers to take advantage of cloud-based backup solutions without creating any noticeable load on production systems, if they are not properly secured.
2. Organisations will still struggle to secure storage and backup
Storage systems and backups are highly vulnerable to attacks because organisations have many misconceptions about their security.As a first step, they believe that their storage systems cannot be penetrated from the outside due to their obscure nature and the way in which they have been embedded within their data centres. A storage system is one of the weakest links in an organisation, and hackers have easy access to them.Â
Despite the complexity of backup environments, most security executives still believe backups offer bulletproof recovery. There are usually multiple tiers of data recovery that offer different levels of protection. Each with its own recovery speed (which is another issue with backups).In addition. Organisations believe that existing risk detection and mitigation strategies can detect sophisticated attacks on storage and backups that interfere with the backup process. There is a danger in this misconception, as even the most advanced backup systems can be bypassed if they are not reinforced, isolated, and secured properly.
Due to these reasons, in 2023 we should not be surprised at:
- Tens of billions of dollars will be stolen through direct attacks on storage and backup;
- Petabytes of sensitive information will be exposed when NAS systems, SAN fabrics, and backup systems are insecure;
- Organisations will not always be able to recover from attacks. Even if they use “holy grail” technologies such as offsite cloud backups.
3. Policymakers and governments will tighten supervision
Many organisations are now paying more attention to the security of their storage and backups than ever before. Two-thirds of 200 CISOs worldwide who participated in our recent survey said that auditors reviewed their backup and storage systems recently.
We expect organisations to tighten their data protection solutions and avoid negotiating with criminals under new national and international guidance.
4. Data protection, recovery, and security will be sensitised to organisations
A systematic approach to securing storage and backup environments will become more apparent to organisations. Therefore, organisations will need to improve auditing, testing, mapping, and assessing their backup and storage assets, as well as define the requirements for data protection.
In the coming year, I believe Gartner and NIST will begin to implement more of the following recommendations:
- There will be a greater need for collaboration between information security and IT infrastructure teams.
- Backup and storage security postures will need to be continuously assessed, and any security gaps will need to be automatically rectified;
- CyberStorage, a term coined by Gartner, air-gapping, etc.) will need to be matched with the proper technologies (e.g., air-gapping, etc.). For more information visit our website.