Businesses today must deal with economic crises, global pandemics, ever-changing regulations, and cybercrime.
Increasingly sophisticated ransomware attacks are specifically targeting backup data and administrator functions. With AI-based spear phishing and hybrid work, the cyber threat landscape remains tense. Cybercrime-as-a-service is becoming a major business model, and criminal tactics are evolving by the minute.
And Microsoft 365 is not immune to these cyberattacks. It makes sense for attackers to target it due to the massive uptake of this SaaS platform.
Gartner predicts that by 2025, at least 75% of IT organizations will face one or more attacks.
Attacks can come from two directions:
- External threats. Hackers attacking the company from the outside, usually for money, but sometimes for political or other reasons. Attacks launched from outside must gain access to the network through stolen credentials or software backdoors.
- Internal threats. Employees cannot be ignored as a threat. In some respects, internal attacks are easier to mount as the attacker already has access to the network and does not need to breach firewalls, even if privilege escalation may still be required.
- One ransomware attack every 11 seconds in 2021 (Cybersecurity Ventures)
- By 2025, 40% of all enterprises will require ransomware defense mechanisms (Gartner)
- Cybercrime cost in 2021 = €6,000 billion. Covid-19 = €9,400 billion (Cybersecurity Ventures – World Bank)
- 44% of entry-point attacks are through phishing emails and malicious links (Data protection trends 2022)
To prevent risks in hybrid environments, a key requirement is to build security into every stage of software development. A secure-by-design backup solution must meet a couple of requirements:
Companies should develop a zero-trust security culture
Atempo has security teams involved throughout the whole development process. Their duty is to align people, processes, and technology to minimize software risk.
The security teams are actively involved in implementing ISO 27001 standards and in the continuous improvement process.
Another aspect of their job is to follow the latest cybersecurity technology trends and the security reports highlighting the latest attacks, to subscribe to RSS feeds and to organizations such as ANSSI (the National Cybersecurity Agency of France), and to participate in industry security events (such as the FIC, the International Cybersecurity Forum).
A "Secure-by-design" backup solution
Security by design is an approach to software and hardware development that seeks to make systems as free of vulnerabilities and impervious to attack as possible through such measures as architecture analysis, continuous testing and penetration testing, authentication safeguards and adherence to best programming practices (such as static code analysis). For modern web-based backup solutions, such as Atempo Data Protection, security teams follow the OWASP security design principles, which were created to help developers build highly secure web applications. Security teams are focused on applying all of these security principles.
We all remember the recent attack on a US-based MSP software provider, which is estimated to have infected up to 2000 global organizations with ransomware. The ransomware group targeted a vulnerability in an MSP remote computer management tool to launch the attack. This example shows that MSPs can be efficient vehicles for ransomware because they have wide access to many of their customers' networks. This is why secure-by-design matters for a software provider.
Linux OS first
Linux systems are rarely infected by malware such as viruses and worms, which makes Linux a very secure OS. Security is a fast-evolving topic! Because Linux is open source and many experts are watching it, many security issues are managed through frequent patch releases. In addition, OS design-level aspects such as memory management, user/kernel memory space separation, virtual memory, log management and file access control make it even more secure. Atempo Data Protection is designed to work with Linux, which, when architecture best practices are followed, makes it a very secure solution. Keep in mind that to ensure a high level of security, both the Linux OS and Atempo Data Protection must have the latest patches applied to avoid any risk of a security breach.
Architect your backup solution according to security best practices
When it comes to configuring your backup solution in hybrid environments, a couple of best practices must be taken into account.
- A good practice is to isolate your backup service and make sure your server is hidden from your Active Directory. Making it invisible avoids risks from ransomware attacks;
- Make sure only computers that need to access your backup environments can access this server, with secure communications and encryption between Atempo Data Protection servers and any storage nodes;
- Limit physical access to data backups. Whether you choose to store your data backups on the server, NAS, tape or cloud, be sure that access is controlled in those facilities. Encrypt your backups; encryption implemented and managed in the right way serves as an excellent layer of defense.