A lot of money is being spent to protect the enterprise against intrusion. Ransomware protection is currently in the spotlight – and with good reason.
But organizations also invest heavily in technologies such as Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE), Next Generation Firewalls, and AI-based threat detection tools.
These defenses add value. However, given the numerous security flaws in storage and backup systems that cybercriminals are actively attempting to exploit, they might be unable to stop attacks.
Here are five reasons why storage and backup are cybersecurity’s weakest links and why organizations need to prioritize the security of these systems to thwart ransomware and prevent attacks:
For the first time, discover how to eliminate blind spots in your storage & backup systems. Complete the form to instantly watch a 40-second tour of StorageGuard.
1. Complacency About Storage And Backup Security
It is a popular misconception that storage and backup systems such as Dell EMC, NetApp, or Rubrik are buried too deep in the enterprise for the bad guys to reach. This is not the case.
In incident after incident, criminals have gained administrative privileges and managed to find their way into storage systems or have been able to cripple backup systems.
From there, they have no trouble compromising sensitive information, exfiltrating data directly off the backup targets (thereby completely evading Data Loss Prevention tools), and holding the organization to ransom.
Despite abundant press about the consequences of such breaches and the apparent holes in storage and backup systems, the misconception persists.
Part of the reason may be the knowledge gap. Many security professionals lack understanding of storage and backup, while storage and backup managers often have insufficient understanding of security principles.
Whatever the reason, storage and backup systems remain among the most poorly protected in the enterprise.
2. Perimeter Obsession
The security picture today could be likened to a home where the owners build a huge fence install cameras, alarms, and sensors at the front but leave a bathroom window open.
Thieves can then enter via a neighbor’s yard, enter via the bathroom, and take what they want. Despite the owners spending a fortune to keep criminals out, the bad guys could slip in and out with ease.
The homeowner’s obsession with incursions from the street led them to miss an obvious point of weakness.
It is the same in storage and backup. When cybercriminals find data protected all along the perimeter with various security tools, they look for an easier way in.
Storage and backup vulnerabilities and security misconfigurations are becoming the go-to tactic to exfiltrate data and compromise the ability of an organization to recover from an attack.
Safe Guard Your Storage by Continuously Scan Your Storage Systems to Detect Security Risks, CVE and Insecure Configurations with StorageGuard.
3. Storage And Backup Misconfigurations Are Rife
A 2023 study of over 400 high-end storage devices detected over 6,000 discrete storage vulnerabilities, backup misconfigurations, and other security issues among storage and backup systems.
At the device level, the average enterprise storage device has around 15 security vulnerabilities, with at least three meriting a high or critical risk rating.
This is evidence that storage and backup systems have a significantly weaker security posture than the compute and network infrastructure layers – and the bad guys know it.
There are a great many patch management and vulnerability management tools out there. They continually inventory and scan networks and systems for potential issues.
They do a fine job with operating systems (OSes) and enterprise applications. However, they often miss Common Vulnerability and Exposures (CVEs) related to storage and backup.
Perhaps this is due to the complacency factor mentioned earlier. There are currently thousands of active CVEs out there that related to storage and backup.
Some of them can be used to exfiltrate files, initiate denial-of-service attacks, take ownership of files, and block devices, and delete data. Overall, about 20% of storage devices are exposed on average and can be attacked successfully by ransomware.
5. Storage Security Features Not Implemented
Enterprise storage systems are increasingly offering ransomware detection and come with many other prevention capabilities. Some include the capability to lock retained copies, protect critical data from tampering and deletion, or air gap data.
However, in breach after breach, such features were found to either not be implemented or were misconfigured, exposing the organization to the threat of ransomware.
How To Harden Storage And Backup Security
When malware gains entry, storage and backup systems are the last line of defense. They need to be fully secured to protect data and ensure recoverability.
Continuity’s StorageGuard ensures that storage and backup systems will not be the weakest link in cybersecurity.
It provides a comprehensive approach to the scanning of data storage, storage management, and backup systems to detect and remediate vulnerabilities and security misconfigurations.
Watch a 40-second demo of StorageGuard, to see how to securely configure your storage & backup environment