As organizations are becoming more concerned about being hit with ransomware, security teams and vendors are investigating more secure methods of preventing the destruction of backups. The concerning thing is that these implementations for "immutable backups" are not always as secure as they're purported to be. Smart vendors and organizations that do put an emphasis on protecting data should include WORM (write once, read many) and immutable backups and storage. For these types of backups there is often a retention period set, where the backup is created and cannot be modified until this period has elapsed. This may be implemented in different ways, but the end-result should be data that cannot be modified for a pre-configured amount of time. This is useful in the event of a ransomware attack or other catastrophic outage. Since this data is immutable (and SHOULD be stored in a different location from the data of which it is a backup), it should be unaffected by the emergency and can be used for quick restoration of data. The entire point being for an organization to secure a backup that cannot be deleted with the rest of their data in the event of an attack. As pen testers, we were tasked with ensuring our immutable backup data was protected. We decided that since trying to break the immutability of the data itself was likely to prove futile, targeting something else made more sense. Instead, we attempted to attack the infrastructure hosting the backup data, since they're just servers at the end of the day. This strategy proved much more fruitful. Why attack the data when you can just attack the server it's hosted on? In this talk, we will discuss our processes, failures, and ultimate successes from tests of immutable backups in three vendor solutions. By: Ryan Kane | Sr Security Engineer, Northwestern Mutual Rushank Shetty | Sr Security Engineer, Northwestern Mutual Full Abstract and Presentation Materials: https://ift.tt/GiIrc9U
source https://www.youtube.com/watch?v=1o8nZGQ5idc
-
Axis Security, a company that specializes in private application access, emerged from stealth mode on Tuesday with $17 million in funding....
-
Germany recalled its ambassador to Russia for a week of consultations in Berlin following an alleged hacker attack on Chancellor Olaf Scho...
No comments:
Post a Comment