The most popular and comprehensive Open Source ECM platform
Let us know more
Storage: Misconfigurations and Vulnerabilities Make Storage and Backup Environments Easy Hacking Targets
Enterprise IT storage and backup environments are lagging considerably behind application and networking security.
A 2021 study by Continuity Software analyzed data from 400 different types of enterprise storage devices obtained from customers in banking, financial services, healthcare, and elsewhere. The devices included storage device top-name vendors like Cisco, Dell EMC, hitachi, IBM, and Netapp. The analysis identified more than 6300 different vulnerability and misconfiguration problems.
Gil Hecht, Continuity Software CEO, said that “of the three main IT infrastructure categories — compute, network, and storage — the latter often holds the greatest value, from both security and business perspectives. Security vulnerabilities and misconfigurations of storage devices present a significant threat, especially as ransomware attacks have taken hold of businesses over the past few years. Yet based on our analysis, the security posture of most enterprise storage systems is strikingly weak. Organizations must act immediately to better protect their storage – as well as backup systems – to ensure their data is secure against ransomware and other cyberattacks.
Doron Pinhas, CTO at Continuity, told DarkReading that “successful ransomware is just the tip of the iceberg Attackers who succeed in accessing the storage environment can destroy all available recovery options, including replicas, backups, immutable copies, storage-based snapshots, and recovery keys. Existing threat intelligence solutions do not cover storage well. Organizations typically own most of what they need to properly secure storage systems. The bigger problems have to do with awareness, education, informed planning, and control.”
