{"id":15167,"date":"2020-02-21T06:49:06","date_gmt":"2020-02-21T06:49:06","guid":{"rendered":"https:\/\/www.sandbox.backupassist.com\/blog\/?p=15167"},"modified":"2020-03-15T05:11:31","modified_gmt":"2020-03-15T05:11:31","slug":"backup-mistakes-that-force-ransom-payments","status":"publish","type":"post","link":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments","title":{"rendered":"You back up, but are you actually cyber-resilient? The top 5 backup mistakes that force ransom payments."},"content":{"rendered":"\n

I don\u2019t want you to be a victim of cyber crime and\nhave to pay a ransom. <\/em><\/strong><\/p>\n\n\n\n

In theory, doing backups of your critical systems and having\nclear rebuild procedures for everything else should make you cyber-resilient.\nHowever, in the last 3 years I\u2019ve seen a dramatic shift in the risk profile of\nbusinesses. Gone are the days where a hard drive crash or natural disaster are\nthe top threats; instead ransomware and hacking are the most common.<\/p>\n\n\n\n

Therefore, the backup practices of yesterday no longer\nprovide the protections needed in 2020.<\/strong> <\/p>\n\n\n\n

Let\u2019s look at the top 5 mistakes that organizations make, and provide remedies for each, to bring your backup strategy up to the level required today.<\/p>\n\n\n\n

Table of contents<\/h2>\n\n\n\n

Inadequate protection for backups against hacking events<\/a>:<\/p>\n\n\n\n

  1. You don\u2019t have an offline backup<\/a><\/li>
  2. You set up integrated authentication to cloud backup storage<\/a><\/li><\/ol>\n\n\n\n

    Inadequate backup coverage<\/a>:<\/p>\n\n\n\n

    1. You have data stored on desktops or laptops<\/a><\/li><\/ol>\n\n\n\n

      Inadequate recovery<\/a>:<\/p>\n\n\n\n

      1. Your only backup is in the cloud and takes \u201cforever\u201d to download<\/a><\/li>
      2. You don\u2019t do regular test recoveries<\/a><\/li><\/ol>\n\n\n\n
        <\/div>\n\n\n\n

        Inadequate protection for backups against hacking events<\/h2>\n\n\n\n

        Hacking and ransomware are the latest cancer affecting\nbusinesses, government and non-profit organizations worldwide. <\/p>\n\n\n\n

        There are two methods in which your data could be held to\nransom:<\/p>\n\n\n\n

        1. The automated scattergun approach \u2013 where ransomware spreads (without manual hacker intervention) onto your network via phishing, malicious downloads, malvertising, worms, etc. <\/li>
        2. The post-compromise ransomware attack \u2013 where a hacker exploits a particular vulnerability in your firewall, RDP service, Operating System, etc. and penetrates your network. From there, the hacker deletes all backups he\/she can find, and installs ransomware. <\/li><\/ol>\n\n\n\n

          The problem occurs when backups get destroyed<\/strong> as part\nof the attack \u2013 meaning you will be unable to recover from backup. <\/p>\n\n\n\n

          There are certainly effective mitigations against automated\nransomware, such as BackupAssist\u2019s CryptoSafeGuard. However, the manual hack is\nmuch harder to mitigate \u2013 after all, if a hacker obtains administrator access\nto your servers, a lot of damage can be done.<\/p>\n\n\n\n

          When designing a cyber-resilience strategy, we have to assume that in the worst case, a hacker will be able to delete all online backups<\/strong>. This leads me to the first two mistakes that people make.<\/p>\n\n\n\n

          <\/div>\n\n\n\n

          Mistake 1 \u2013 not having an offline backup<\/h3>\n\n\n\n

          It can be tempting to fully automate your backup system by\nbacking up to a NAS or SAN \u2013 whether that NAS\/SAN is onsite or offsite. For\nexample, backing up to a NAS located in a different building is going to be\neffective against accidental user deletions or theft of your server, but if\nit\u2019s accessible to your backup software, it\u2019s probably accessible to a hacker.<\/p>\n\n\n\n

          The only 100% guaranteed way to protect against this kind of\nhacking is to have an offline backup. A hacker cannot destroy a backup if it\nis offline, sitting on a shelf or in a safe!<\/strong> <\/p>\n\n\n\n

          Side note: many people confuse offline with offsite \u2013 which\nI discuss in detail in my article, Offline and Offsite backups \u2013 the differences and why you need both.<\/p>\n\n\n\n

          The simplest offline backup is a backup to external hard\ndrives, which can then be disconnected from the computer or network, and placed\nin a physically safe place. You can also back up to RDX or Tape to achieve the\nsame thing. The simple act of a human disconnecting a cable can be the\ndifference between paying a $250,000 ransom or recovering from backup.<\/strong><\/p>\n\n\n\n

          Remedy: <\/p>\n\n\n\n

          1. Best option: perform a bare-metal backup to hard drives or RDX daily, and disconnect and rotate the drives.<\/li>
          2. Okay option: perform a bare-metal backup to hard drives weekly, and disconnect and rotate the drives. Perform daily incremental backups of files and data to a cloud location with good access controls (avoiding Mistake #2<\/a>).<\/li><\/ol>\n\n\n\n

            Plug: you can use BackupAssist Classic to implement a\nWindows Server backup system as described here.<\/p>\n\n\n\n

            <\/div>\n\n\n\n

            Mistake 2 \u2013 Integrated authentication to cloud backup storage<\/h3>\n\n\n\n

            Can a backup to the cloud be considered a truly \u201coffline\u201d\nbackup? From a cyber-resilience standpoint, the answer is \u201cno<\/strong>\u201d. If a\nhacker has made it this far onto your network, he or she probably has some\nserious skills\u2026 such as the ability to connect to your cloud backup storage\nservices and delete your backups.<\/p>\n\n\n\n

            However, one basic mistake can make it even easier for the\nhacker, rolling out the red carpet and saying \u201cattack me\u201d!<\/p>\n\n\n\n

            I have it on good authority that one of the major ransomware\nattacks on a major U.S. city was made possible because all their backups were\nstored in one of the major cloud vendors\u2019 storage systems. For convenience, the\nI.T. administrators had integrated the local Active Directory with the cloud\nprovider\u2019s authentication system to provide seamless authentication. The\nunforeseen downside<\/strong> was that when the hacker gained administrator access on\nthe local Active Directory, that automatically granted administrator access to\nthe cloud resources, including the cloud backups! All the backups were deleted\nbefore ransomware was installed on the on-premise systems. That mistake cost\nhundreds of thousands of dollars and payment of the ransom.<\/p>\n\n\n\n

            So does that example mean that all backups to the cloud are ineffective?<\/p>\n\n\n\n

            This is a gray area. Any online resource is potentially at\nrisk. <\/p>\n\n\n\n

            In my view, backups done to the cloud still have a valuable\nrole to play in cyber-resilience. Importantly, they should be viewed as a\nsecondary level of protection, and are not a replacement for a true offline\nbackup. I\u2019ll explore this in a future article, The role of backups to the cloud in modern\ncyber-resilience but for now, let\u2019s focus back on this mistake and\nits remedy.<\/p>\n\n\n\n

            Remedy:<\/p>\n\n\n\n

            1. Ensure that cloud backups are done to cloud storage that is completely disjoint from your main network.<\/li>
            2. Never rely solely on cloud backups. You always want multiple recovery options. Refer to the remedy for Mistake #1<\/a>. <\/li>
            3. Also remember Mistake #4<\/a> \u2013 coming up later.<\/li><\/ol>\n\n\n\n

              Plug: You can use the BackupAssist Classic Cloud Offsite Add-on to perform cloud backups as described here, to a location that is disjoint from your main network.<\/p>\n\n\n\n

              <\/div>\n\n\n\n

              Inadequate backup coverage<\/h2>\n\n\n\n

              It\u2019s self-evident that in a cyber destruction situation, anything\nthat\u2019s not backed up should be considered destroyed and irretrievable.<\/p>\n\n\n\n

              Most I.T. administrators focus on the server infrastructure,\nand performing bare-metal backups of those servers generally provides adequate\nprotection for all of the server infrastructure, applications and data running\non the server.<\/p>\n\n\n\n

              However, in a hybrid-cloud environment, a sometimes-forgotten set of data is user data stored on desktops or laptops. This leads us to mistake 3.<\/p>\n\n\n\n

              <\/div>\n\n\n\n

              Mistake 3 \u2013 data stored on desktops or laptops<\/h3>\n\n\n\n

              When hackers compromise a network, it is a relatively\nstraightforward task to push out ransomware to all desktops and laptops\nconnected to that network. Although the best practice for decades has been to\nstore files on a file server (that is backed up), users are humans\u2026 and humans can\nfrequently breach instructions and save documents to their local computer. So\neven if your servers can be recovered after a ransomware attack, the data\nstored on user workstations may be irrecoverable and force you to pay the\nransom.<\/p>\n\n\n\n

              Remedy:<\/p>\n\n\n\n

              1. Ensure that user roaming profiles are set up in\nActive Directory, so that all user data is saved back to the server, and the\nserver is backed up.<\/li>
              2. Alternatively, set up OneDrive for Business sync\nto automatically sync locally stored files to the cloud, and back up the\nOneDrive for Business accounts from the cloud to an alternate location.<\/li><\/ol>\n\n\n\n

                Plug: you can use BackupAssist 365 to back up OneDrive for Business, SharePoint documents and mailboxes as described here.<\/p>\n\n\n\n

                <\/div>\n\n\n\n

                Inadequate recovery<\/h2>\n\n\n\n

                The final category of mistakes is the inadequate recovery.\nBy now, if you\u2019ve avoided Mistakes #1 to #3, it means your backups haven\u2019t been\ndestroyed, and they do contain all the data and systems you need protected.<\/p>\n\n\n\n

                However, the final part of resilience is the recovery itself. Let\u2019s examine two more common mistakes.<\/p>\n\n\n\n

                <\/div>\n\n\n\n

                Mistake 4 – Your only backup is in the cloud and takes forever to download<\/h3>\n\n\n\n

                I see this especially in the small business sector, where\nbudgets are tight, and organizations try to get away with the minimum spend. However,\nothers can also make this mistake when trying to fully automate their backup\nsystem.<\/p>\n\n\n\n

                Storing your backups in the cloud can be very convenient,\nand eliminate the need for human intervention. However, if cloud backups are\nyour only backups, you must ask \u2013 how long will it take to download my data\nback again?<\/p>\n\n\n\n

                It can be tempting to assume the \u201cbest case\u201d scenario \u2013 that\nis, the speed of the download is only limited by your bandwidth. If you\u2019re\nlucky enough to have a gigabit internet connection, you could (theoretically)\ndownload 1TB of data in 2 hours 23 minutes. No problem, right?<\/p>\n\n\n\n

                The mistake is assuming that the cloud is infinitely fast. Unfortunately\nit is not.<\/strong> The bottleneck is probably not the speed of your internet\nconnection. Instead, it\u2019s probably a combination of two factors:<\/p>\n\n\n\n

                1. Delays and limitations at the cloud service<\/strong>\n\u2013 these are generally caused when there is contention for resources from\nmultiple clients. Yes, your cloud service will have thousands of other\ncustomers, each wanting a piece of their bandwidth. Microsoft for instance will\nmonitor the health of their servers, and implement bandwidth throttling<\/strong>\nif the server gets overloaded. Someone else\u2019s heavy usage could slow things\ndown for you. <\/strong>That means it\u2019s impossible to predict how fast you\u2019ll get\nyour data back!<\/li>
                2. Speed and size of the pipe between your cloud\nservice and you<\/strong> \u2013 an oftentimes overlooked fact is that many online backup\nproviders choose to use low cost storage. Unless your contract explicitly\nstates where your data is stored, it might be stored in far-away places. The\nspeed of a connection between the USA and Eastern Europe may be so slow that\nyou cannot download all your data within a reasonable time.<\/li><\/ol>\n\n\n\n

                  Remedy:<\/p>\n\n\n\n

                  1. Do not rely on your cloud copy for a speedy\nbare-metal recovery. It is far better to do a bare-metal recovery from a local\nbackup (which you created as part of Remedy #1) even if that backup is a week\nold. Then, do an incremental recovery from the cloud, to bring your data\nup-to-date from your latest cloud backup.<\/li>
                  2. Only rely on having to fully download your cloud\nbackup in extreme circumstances \u2013 such as the unfortunate situations in\nAustralia, where large scale fires caused destruction to millions of hectares\nof land and thousands of buildings.<\/li><\/ol>\n\n\n\n

                    Plug: You can use BackupAssist Classic\u2019s system image and cloud-offsite backup features for fast bare-metal recovery and efficient incremental cloud recovery as described here.<\/p>\n\n\n\n

                    <\/div>\n\n\n\n

                    Mistake 5 \u2013 You don\u2019t do regular test recoveries<\/h3>\n\n\n\n

                    The final mistake I\u2019ll cover is perhaps the most common \u2013\nnot doing regular test recoveries. <\/p>\n\n\n\n

                    Granted, this takes time to do, and just like practice fire\ndrill evacuations, no one wants to do them. But, there\u2019s no way to find any\nunwanted surprises until you run through the procedure. A recovery situation is\nalways stressful \u2013 many I.T. administrators will be working through the night,\nsleep deprived, under pressure from management \u2013 and it\u2019s difficult to think\nclearly in those situations.<\/p>\n\n\n\n

                    On top of this, you might be battling unexpected recovery\nproblems like missing RAID drivers, incompatibilities between different types\nof hardware, faulty Active Directory syncs, and so on.<\/p>\n\n\n\n

                    Remember: the best time to learn how to use a parachute\nis before you jump out of the plane.<\/strong> It\u2019s best to iron out all the creases\nand prepare ahead of time.<\/p>\n\n\n\n

                    Remedy:<\/p>\n\n\n\n

                    1. Perform a test recovery at least once every 6\nmonths. <\/li>
                    2. Follow a well documented set of procedures, such\nas in the BackupAssist Recovery Bible, which contains walk-throughs for 20 of\nthe most common recovery scenarios on Windows platforms.<\/li><\/ol>\n\n\n\n

                      Plug: The BackupAssist Recovery Bible<\/a> contains not just the walk-through procedures, but a handy flow chart to follow in a recovery situation.<\/p>\n\n\n\n

                      Conclusion<\/h2>\n\n\n\n

                      So there you have it \u2013 this is the best advice I can give\nafter talking to countless MSPs, security experts, forensic investigators and\ndata recovery specialists.<\/p>\n\n\n\n

                      If you avoid these 5 mistakes, I\u2019m confident you\u2019ll be\ncyber-resilient, and able to recover in your time of need.<\/p>\n\n\n\n

                      I wish you godspeed.<\/p>\n","protected":false},"excerpt":{"rendered":"

                      Many people think they are protected against hacking, data deletion and ransomware attacks because they do backups\u2026 only to discover their backups were either destroyed or ineffective. Cyber-resilience expert, Linus Chang, breaks down the top 5 mistakes that force victims to pay the ransom.<\/p>\n","protected":false},"author":2,"featured_media":15181,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[757,1],"tags":[],"class_list":["post-15167","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-resilience","category-uncategorized"],"yoast_head":"\nBackup mistakes that force ransom payments - Cyber Resilience Blog<\/title>\n<meta name=\"description\" content=\"Think you're protected against hacking, deletion and ransomware attacks? Make these 5 backup mistakes, and you might have to pay a ransom.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Backup mistakes that force ransom payments - Cyber Resilience Blog\" \/>\n<meta property=\"og:description\" content=\"Think you're protected against hacking, deletion and ransomware attacks? Make these 5 backup mistakes, and you might have to pay a ransom.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Resilience Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-21T06:49:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-03-15T05:11:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"1000\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Linus Chang\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Linus Chang\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments\"},\"author\":{\"name\":\"Linus Chang\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/person\/523a9a01769da254de228dbd4b1328d3\"},\"headline\":\"You back up, but are you actually cyber-resilient? The top 5 backup mistakes that force ransom payments.\",\"datePublished\":\"2020-02-21T06:49:06+00:00\",\"dateModified\":\"2020-03-15T05:11:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments\"},\"wordCount\":2025,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg\",\"articleSection\":[\"Cyber Resilience\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments\",\"url\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments\",\"name\":\"Backup mistakes that force ransom payments - Cyber Resilience Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg\",\"datePublished\":\"2020-02-21T06:49:06+00:00\",\"dateModified\":\"2020-03-15T05:11:31+00:00\",\"description\":\"Think you're protected against hacking, deletion and ransomware attacks? Make these 5 backup mistakes, and you might have to pay a ransom.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#primaryimage\",\"url\":\"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg\",\"contentUrl\":\"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg\",\"width\":1500,\"height\":1000},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.sandbox.backupassist.com\/blog\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"You back up, but are you actually cyber-resilient? The top 5 backup mistakes that force ransom payments.\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#website\",\"url\":\"https:\/\/www.sandbox.backupassist.com\/blog\/\",\"name\":\"Cyber Resilience Blog\",\"description\":\"Protect Your Cloud Data with BackupAssist\",\"publisher\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.sandbox.backupassist.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#organization\",\"name\":\"Cyber Resilience Blog\",\"url\":\"https:\/\/www.sandbox.backupassist.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2019\/09\/BA-Logo-Full-Logo.svg\",\"contentUrl\":\"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2019\/09\/BA-Logo-Full-Logo.svg\",\"caption\":\"Cyber Resilience Blog\"},\"image\":{\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/person\/523a9a01769da254de228dbd4b1328d3\",\"name\":\"Linus Chang\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/58a69ed0d0b9928d91dec6132dccfb646cc4230839af779f185531c722b0d017?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/58a69ed0d0b9928d91dec6132dccfb646cc4230839af779f185531c722b0d017?s=96&d=mm&r=g\",\"caption\":\"Linus Chang\"},\"description\":\"*Founder & Creator, BackupAssist* Linus Chang has been writing software since he was eight years old. He founded BackupAssist in 2002 \u2014 making him one of the longest-standing voices in Windows backup and data protection \u2014 and has spent the decades since talking to IT administrators around the world about what actually goes wrong, and why. His interest in data loss isn't abstract. Early in his career, he was working at the Monash University help desk when a student came in with a floppy disk that wouldn't read. They tried everything. None of their drives could read it either. The disk held her entire PhD dissertation \u2014 years of work \u2014 and it was the only copy. She broke down in tears. There was nothing he could do. Five years later, he wrote the first version of BackupAssist. Linus holds a Bachelor of Science in Computer Science and has held Microsoft Certified Solution Developer and Sun Certified Java Programmer credentials. More recently, he has completed digital forensics and cyber-security courses through the Black Hat Conference. He has spoken on information security and cryptography at Infosecurity Europe, addressed politicians and policymakers at Australian Parliament House, presented to SMB IT administrators at the IT Pro Experts Conference, and served as a guest lecturer to Cyber Security master's students at the University of Melbourne. On this blog, Linus writes about backup strategy and the technical side of cyber-resilience \u2014 drawing on 24 years of product development and direct conversation with the IT professionals BackupAssist is built for. [Connect with Linus on LinkedIn](https:\/\/www.linkedin.com\/in\/linuschang\/)\",\"url\":\"https:\/\/www.sandbox.backupassist.com\/blog\/author\/linus-chang\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Backup mistakes that force ransom payments - Cyber Resilience Blog","description":"Think you're protected against hacking, deletion and ransomware attacks? Make these 5 backup mistakes, and you might have to pay a ransom.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments","og_locale":"en_US","og_type":"article","og_title":"Backup mistakes that force ransom payments - Cyber Resilience Blog","og_description":"Think you're protected against hacking, deletion and ransomware attacks? Make these 5 backup mistakes, and you might have to pay a ransom.","og_url":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments","og_site_name":"Cyber Resilience Blog","article_published_time":"2020-02-21T06:49:06+00:00","article_modified_time":"2020-03-15T05:11:31+00:00","og_image":[{"width":1500,"height":1000,"url":"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg","type":"image\/jpeg"}],"author":"Linus Chang","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Linus Chang","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#article","isPartOf":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments"},"author":{"name":"Linus Chang","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/person\/523a9a01769da254de228dbd4b1328d3"},"headline":"You back up, but are you actually cyber-resilient? The top 5 backup mistakes that force ransom payments.","datePublished":"2020-02-21T06:49:06+00:00","dateModified":"2020-03-15T05:11:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments"},"wordCount":2025,"commentCount":0,"publisher":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#primaryimage"},"thumbnailUrl":"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg","articleSection":["Cyber Resilience"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments","url":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments","name":"Backup mistakes that force ransom payments - Cyber Resilience Blog","isPartOf":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#primaryimage"},"image":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#primaryimage"},"thumbnailUrl":"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg","datePublished":"2020-02-21T06:49:06+00:00","dateModified":"2020-03-15T05:11:31+00:00","description":"Think you're protected against hacking, deletion and ransomware attacks? Make these 5 backup mistakes, and you might have to pay a ransom.","breadcrumb":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#primaryimage","url":"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg","contentUrl":"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2020\/02\/you-back-up-but-are-you-actually-cyber-resilient.jpg","width":1500,"height":1000},{"@type":"BreadcrumbList","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/backup-mistakes-that-force-ransom-payments#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sandbox.backupassist.com\/blog"},{"@type":"ListItem","position":2,"name":"You back up, but are you actually cyber-resilient? The top 5 backup mistakes that force ransom payments."}]},{"@type":"WebSite","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#website","url":"https:\/\/www.sandbox.backupassist.com\/blog\/","name":"Cyber Resilience Blog","description":"Protect Your Cloud Data with BackupAssist","publisher":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sandbox.backupassist.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#organization","name":"Cyber Resilience Blog","url":"https:\/\/www.sandbox.backupassist.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2019\/09\/BA-Logo-Full-Logo.svg","contentUrl":"https:\/\/www.sandbox.backupassist.com\/app\/uploads\/sites\/3\/2019\/09\/BA-Logo-Full-Logo.svg","caption":"Cyber Resilience Blog"},"image":{"@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/person\/523a9a01769da254de228dbd4b1328d3","name":"Linus Chang","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sandbox.backupassist.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/58a69ed0d0b9928d91dec6132dccfb646cc4230839af779f185531c722b0d017?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/58a69ed0d0b9928d91dec6132dccfb646cc4230839af779f185531c722b0d017?s=96&d=mm&r=g","caption":"Linus Chang"},"description":"*Founder & Creator, BackupAssist* Linus Chang has been writing software since he was eight years old. He founded BackupAssist in 2002 \u2014 making him one of the longest-standing voices in Windows backup and data protection \u2014 and has spent the decades since talking to IT administrators around the world about what actually goes wrong, and why. His interest in data loss isn't abstract. Early in his career, he was working at the Monash University help desk when a student came in with a floppy disk that wouldn't read. They tried everything. None of their drives could read it either. The disk held her entire PhD dissertation \u2014 years of work \u2014 and it was the only copy. She broke down in tears. There was nothing he could do. Five years later, he wrote the first version of BackupAssist. Linus holds a Bachelor of Science in Computer Science and has held Microsoft Certified Solution Developer and Sun Certified Java Programmer credentials. More recently, he has completed digital forensics and cyber-security courses through the Black Hat Conference. He has spoken on information security and cryptography at Infosecurity Europe, addressed politicians and policymakers at Australian Parliament House, presented to SMB IT administrators at the IT Pro Experts Conference, and served as a guest lecturer to Cyber Security master's students at the University of Melbourne. On this blog, Linus writes about backup strategy and the technical side of cyber-resilience \u2014 drawing on 24 years of product development and direct conversation with the IT professionals BackupAssist is built for. [Connect with Linus on LinkedIn](https:\/\/www.linkedin.com\/in\/linuschang\/)","url":"https:\/\/www.sandbox.backupassist.com\/blog\/author\/linus-chang"}]}},"_links":{"self":[{"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/posts\/15167","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/comments?post=15167"}],"version-history":[{"count":17,"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/posts\/15167\/revisions"}],"predecessor-version":[{"id":15387,"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/posts\/15167\/revisions\/15387"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/media\/15181"}],"wp:attachment":[{"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/media?parent=15167"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/categories?post=15167"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sandbox.backupassist.com\/blog\/wp-json\/wp\/v2\/tags?post=15167"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}