SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
Story image
Data tampering is an underrated threat — get your backup ready
Mon, 25th Mar 2024

World Backup Day is an annual reminder of how important it is to have an up-to-date, readily accessible copy of everything that matters to your business. Resilient backups allow you to recover more quickly from data damage, disruption, or loss, particularly if a ransomware attack has resulted in encrypted or deleted files.

These are well-known and widely reported benefits of backups — but there’s more. Immutable data backups can also protect you from the underrated threats of data tampering and malicious insiders, unpredictable activities that can significantly damage brand trust and reputation if they’re not addressed.

Data tampering and manipulation

Data tampering such as deletion and manipulation have been called the “next level of cyberattacks.” While attacks on data integrity aren’t new, their growing sophistication in the age of generative AI will make them harder to spot.

The perpetrators could be external, such as activists or nation-state groups, but more often, they are internal, disaffected insiders with broad access rights out for revenge, mischief, personal, or financial gain.

Hypothetical external incidents could include an attacker successfully breaching a stock market’s IT system to alter share price updates, leading to panic selling and financial chaos. There are also reported examples of malicious insiders trying to alter data records within their current or former company, changing passwords, disabling severs, deleting files, or engaging in cyber espionage.

Companies need defences that will detect and prevent any attempt at data tampering inside the network but also provide them with a robust and accurate version of the truth that can restore the original data and set the record straight.

The double defense against data tampering

Your first layer of protection should be a security solution that includes strong access controls, data encryption, secure communication protocols, and AI-driven measures to detect and respond to anomalies that could signpost attempted data interference. The combined impact should prevent external attackers from being able to access your network and alter or delete data, and it should also block internal malicious actions by authorised users.

There is a second, equally important layer of defence: an immutable data backup. Immutable data cannot be changed or deleted. This means that if an attacker does manage to tamper with or manipulate your communications, documents, and more — your backup files are unaffected and can be used to restore data and prove beyond doubt where content has been falsified.

The many benefits of immutable backups

Immutable backups can help an organisation to recover from any incident where data is encrypted, deleted, damaged, tampered with, or lost.

1. They offer an extra line of defense against determined bad actors. Despite the security measures in place, determined attackers may find ways to compromise or bypass security controls. Immutable backups provide an extra safeguard by ensuring that even if the primary data is tampered with, the backup remains intact and unaltered.
 
2. They protect the company from insiders with ill intent. No one likes to think about insider threats. These are your colleagues, after all. But our own recent research suggests that malicious insiders were the root cause of around a third (39%) of data breaches in the last year. Immutable backups help to protect against insider attacks, as they prevent authorised users from altering or erasing data.

3. They mitigate the impact of ransomware. Immutable backups can protect against ransomware attacks by ensuring that a clean, unaltered copy of the data is available for restoration, reducing the impact and potential need to pay the ransom.

4. They protect you from accidental data corruption. Data can be corrupted due to hardware failures, software bugs, or human error. Immutable backups help protect against these scenarios by providing a point-in-time copy of the data that cannot be modified or corrupted, allowing for reliable data restoration.

5. They are essential for compliance and data protection regulations. Some industry sectors and regulatory frameworks require organisations to maintain immutable backups for data retention and compliance purposes. Immutable backups ensure the integrity and authenticity of the data.
 
By combining security measures with immutable backups, organisations can implement a resilient data protection strategy that addresses both major, common cyberthreats such as ransomware and underrated, unanticipated threats that could do just as much harm. With immutable backups, you’re ready for them all.