IT disaster recovery, cloud computing and information security news

Immutable storage subversion attacks can present a severe threat to backup data says Asigra

Asigra, Inc., has released a statement emphasizing the ‘importance of cybersecurity-enabled backup and recovery with software integrated step-up multi-factor authentication (‘Deep MFA’)’. The company says that this is increasingly important as immutability storage subversion attacks expose corporate backup repositories to hackers using stolen backup operator and administrator login credentials, leading to maliciously re-configured settings within the backup application and preventing successful data recovery operations.

Asigra says that:

  • In the infancy of ransomware, backup data provided a means to recover criminally encrypted or stolen data to maintain business operations. However, with the continuing evolution of these sinister cyber threats, backup data has become the target of choice as hackers prevent viable recoveries after such events. By obtaining backup administrator login credentials through keylogging, phishing and other means, more advanced ransomware attacks are circumventing multi-factor authentication, allowing easy access to some of the most sensitive and important organizational data.
  • Immutability subversion attacks often occur because application-specific MFA has not been applied to the organization’s backup software. The approach takes user authentication to a higher level, where the system requires user credentials for any critical function that could compromise a recovery. Also known as Deep MFA, it provides protection to secure policy settings and controls that prevent backup data deletions or malicious encryption resulting from ransomware detonation.

“The poor or no coordination between backup and security teams attracts threat actors who prey on backup environments that are not adequately protected,” said Eran Farajun, EVP, Asigra. “You win when you’re not worth hacking. Backup software with integrated Deep MFA enabled cybersecurity and ransomware attack-loop mitigation helps managed service providers and their enterprise customers significantly raise the cost and effort for hackers who then move to easier opportunities.”

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.