
Attacking the backups
Posted on 2020-03-13 by Matt Strahan in Business Security
There are a critical systems inside any organisation where the compromise of those systems are almost automatically business threatening. When performing penetration testing we try and think about the “crown jewels” as a bit of a target – if we get access to this the risk is pretty well self evident. Most of these systems are the obvious: financial systems, domain controller, key business process systems, safety systems, and often the web presence nowadays. One such system that is not considered nearly enough is the backup system.
Let’s first look at the obvious: to properly backup data, the backup systems have to have access to that data. This means the backup systems often have the keys to the kingdom, so to speak. If the backup systems are compromised, then all of your data should be considered compromised.
Believe it or not, though, in modern IT environments the backup systems are even more important than just having access to data.