Storage is an integral part of any organization's infrastructure. Cyber security is a crucial element of any organization's strategy. Yet somehow the two are rarely connected, and the lack of storage security is a vulnerability that puts businesses at risk.
When it comes to stopping hackers from getting their data, most organizations concentrate their security posture on protecting their perimeter and endpoints, and on analyzing traffic and user activity trends to recognize anomalies. Today, IT leaders understand that attackers can ultimately evade even the best security protocols. This makes storage and backup systems the last line of defense. And attackers know it.
Through the eyes of a hacker
Look through the eyes of a hacker and you will see how appealing a target storage is. You could tap into the storage or backup layer to get a copy of the Active Directory server and launch it in a testbed or sandbox environment, which is probably much less strictly controlled. Now you can spin up an unmonitored VM from the copies and work your way to production data. When the organization also uses cloud storage for offsite backup, you might try to change the backup policy to piggyback the data you desire into one of these offsite records. Because data loss prevention (DLP) tools rarely (if ever) monitor storage and backup traffic, let alone from the cloud side, the organization will likely never realize that its entire environment has been cloned.
In another scenario, you could change the configuration of an insufficiently secured storage system to map the drives of mission-critical databases or applications to a server you control. Now the data is visible at the same time from both the original production server and yours, and you can use the unmonitored path you just created to change production data without tripping any wires. Wondering how and why? Storage I/O (which often uses non-IP protocols) is rarely monitored, and threat detection tools typically rely on software agents deployed on production servers (which, of course, you took care not to install on yours).
Not motivated by money? If you are a hacktivist or running a nation-state attack looking to kneecap a large bank or utility provider, you want to eliminate any chance of recovery by wiping all stored data. In addition to destroying snapshots, shadow copies and even the backup systems that protect storage devices, you could also run denial-of-service (DoS) attacks on storage networks and storage arrays. The latter is particularly devastating, as a single overburdened array can instantly bring down thousands of servers, and an overburdened SAN can bring down the entire production environment at once.
Yes, these are highly destructive scenarios, but they are also plausible if storage is left unguarded. Recently, we have seen 10,000 data center attacks in a week. Given the number of companies paying ransom, it is clear that these attacks are successful, which tells us these companies do not adequately protect their storage.