Well, that seems like a huge ‘Duh’ from The Department of Redundancy Department, doesn’t it? How do you know if your backups, either local or cloud-based, are reliable? Maybe they were yesterday, but are they today?

A good Managed IT Services provider will have a schedule for regular testing and data retrieval of your backups. Perhaps they do this once a month – does that mean you and your backups are safe? For the day of testing, yes, but any day after that? Not necessarily.

The more sophisticated Ransomware crooks have been launching pre-emptive strikes against a company’s data backups – in tandem with, but just prior to, the actual Ransomware attack which encrypts the data and locks up monitor screens.

Any good IT Support company knows that the route to a quick recovery after a Ransomware attack - in simplified terms - is to stem the virus, wipe any infected devices and reinstall the data from secure backups. If the backups have been destroyed, the business owner then has no option but to pay the ransom.

Pre-emptive strikes crippling an adversary’s ability to fight back are as old as warfare on Earth: During the Battle of Britain, Germans first attacked British airbases. Pearl Harbor removed the possibility of the United States Pacific Fleet interfering immediately as Japan continued their widespread aggressions, which had previously been confined to China and other Southeast Asian mainland countries.

The same principle applies to your data backups. This pre-attack methodology is used by sophisticated, high-level hacking concerns such as the Conti organization, known for a massive attack on Costa Rica and publicly announcing their support for Russia (which is believed to be their base of operations) in the invasion of Ukraine.

As noted by the website Ransomware:
“Remember that a sophisticated ransomware organization has personnel that know your backup systems probably better than you do. A case in point is the infamous Conti organization, known for its backup-removal expertise—it actively recruits talent specifically trained in knowing how to destroy backup systems.

For instance, Conti has exceptional knowledge of Veeam, a popular backup system commonly used in VMware environments. The group attempts to exfiltrate data from the backups before damaging them.”

This is yet another specialized branch of these high-level organizations – who also spend a lot of money on Research & Development (R&D) to improve their malware strains and find new vulnerabilities through which to attack their victims.

These are not street thugs. They are highly organized and professional – more akin to James Bond’s ‘Spectre’ (without nuclear weapons… we hope) than they are a car theft ring. Don’t play ‘catch-up’ ball with these criminals. Extra steps must be taken to safeguard your backups.

Consider this timeline scenario (dates are arbitrary):
June 1: your IT Services provider tests your backup system and retrieves random files to make sure everything is working correctly – and your backups pass with flying colors.
June ? (Attack Day): Cyber criminals who have been stalking your network and sending out preliminary phishing emails have gotten an untrained or unaware end-user to click a malicious link or attachment. This releases Ransomware into your system, BUT – rather than immediately encrypting your data, locking you out of the network, and demanding a ransom, the malware quietly goes on its way – first copying and stealing your data (an extra opportunity for extortion), then destroying your backups or your ability to access them.

Now you have to pay the ransom or face the very high and very real probability of losing your enterprise completely – typically, within six months.

What is the most secure backup strategy?

The basic premise of a reliable Backup & Disaster Recovery plan is to create at least three copies of your data, in at least two storage formats – with one copy located offsite – specifically in the cloud. Backups are not to be confused with your local network data storage where data is accessible for everyday work. IT Support LA recommends these three backup systems:

Local Backup
Cloud Backup
Cloud to Cloud Backup

Local Backups – which should be separate from your working network – will get you up and running much quicker than Cloud Backups, which are a necessary backstop. Restoring data from the cloud is time-consuming, so a local backup which is not connected to the network (so no malware can invade it) is the fast answer to maintain Business Continuity and productivity.

The best overall strategy is to incorporate Cybersecurity Mesh – simply described as Cybersecurity perimeters within perimeters – into all areas of your cyber-defenses. For ‘Lord of the Rings’ fans, think of it as the seven defensive levels of Minas Tirith. Without Cybersecurity Mesh, an intruder who enters the system has free rein to go anywhere.

Aside from creating rings of defenses with your data and backups at the center, this is the time to make sure you have a top-notch Managed IT Services firm to set up your backups – especially the independent local backups. This type of defensive strategy MUST have ironclad built-in redundancies.

Frequently Asked Questions

Q: What's the difference between cloud storage and cloud backup?

A: The difference is Cybersecurity. Storage itself simply stores and makes data readily accessible. None of the major cloud services providers, such as Microsoft Azure, guarantee your data – that is still up to the user. Cloud backup safeguards the data with security measures in place.

Q: Is OneDrive a cloud backup?

A: Yes. It automatically backs up your data to the OneDrive cloud.

Q: Why is it important to test backups?

A: Because you must be able to count on them if disaster strikes. IT Support LA has been called in when an inept IT person has incorrectly set up the cloud backup system – and after an attack, the data cannot be retrieved. All the more reason not to go ‘bargain basement’ on cheap, uncertified ‘IT guys.’

Q: How do you test integrity of a backup?

A: In simple terms, you retrieve your backup file, open it on a separate system, and then compare the retrieved file to the original. If it doesn’t match, there is a problem to be solved.

How secure is your network?

As a reputable member of the IT Support Los Angeles community since 2002, IT Support LA offers a FREE, no-risk network and security assessment. It is a non-intrusive scan that allows us to deliver a comprehensive report that is yours to keep. No strings, and no obligation to ever use our Managed IT Services.

The best defense is the best Cybersecurity to protect your data from theft, and a top-notch Managed IT Services firm to ensure continued reliability and defenses against newly emerging threats.

Just fill out the form on this page or call us at:
818-805-0909