Disk backup security is the vulnerability ransomware attackers exploit first—here's what you need to know to protect your data.

When the industry moved from tape to disk-based backups, we gained some incredible capabilities. Deduplication made backup storage affordable. Replication meant we could have automated offsite copies without shipping tapes. Virtual synthetics made restores faster than ever. Backup verification became practical and routine.

But we also created a problem nobody anticipated: disk backup security was never part of the original design.

In this episode of The Backup Wrap-up, I sit down with Prasanna Malaiyandi to talk about how we got here and what you can do about it. Here's the reality: if your backups are sitting in a directory like E:\backups, a threat actor who gains access to your system can wipe them out with a single command: rm -r, or del *.*. That's it. Years of backup data, gone in seconds.

This isn't theoretical. Backup systems are the number one target for ransomware attackers. They know that if they can take out your backups, you have no choice but to pay. Products like Veeam, which revolutionized backup with their "it just works" approach, had to acknowledge this threat and build countermeasures. Every backup vendor has had to respond to this reality.

So what can you do about disk backup security?

First, get your backups out of user space. If you can see your backups as a normal file path, that's a problem. Anyone who compromises an account with access to that path can delete everything.

Second, and this is the big one: immutability. If you can't delete the backups, they can't delete the backups. Truly immutable storage—where the data cannot be modified or removed regardless of who's asking—is no longer optional. It's the standard.

Third, consider obfuscation. Don't name your backup folder "backups." Rename processes and directories. It's not a complete solution, but it adds friction for attackers.
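
The first point above, as an added example (not from the episode or from any backup product): a POSIX-only audit that lists which files under a backup directory a given account could delete. The names can_delete and audit are hypothetical, and only mode bits are evaluated, not ACLs or immutable flags.

```python
import os
import stat
import tempfile


def can_delete(path, uid, gids=()):
    """True if POSIX mode bits let account `uid` unlink `path`.

    Deletion is decided by the parent directory (write + search), not by
    the file's own mode. ACLs and immutable flags are not evaluated here.
    """
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if uid == 0:
        return True  # root bypasses mode bits entirely
    if uid == parent.st_uid:
        bits = parent.st_mode >> 6
    elif parent.st_gid in gids:
        bits = parent.st_mode >> 3
    else:
        bits = parent.st_mode
    if bits & 0o3 != 0o3:  # needs write (2) and search (1) on the directory
        return False
    if parent.st_mode & stat.S_ISVTX:  # sticky bit: file or directory owner only
        return uid in (os.lstat(path).st_uid, parent.st_uid)
    return True


def audit(root, uid, gids=()):
    """Return the files under `root` that account `uid` could delete."""
    exposed = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if can_delete(full, uid, gids):
                exposed.append(full)
    return sorted(exposed)


if __name__ == "__main__":
    # Constructed sample: one read-only backup file in a directory its owner can write.
    with tempfile.TemporaryDirectory() as root:
        os.chmod(root, 0o755)
        sample = os.path.join(root, "full-2026-01-01.bak")
        open(sample, "w").close()
        os.chmod(sample, 0o444)  # read-only file, still deletable by the directory owner
        owner = os.stat(root).st_uid
        print("owner can delete:", audit(root, owner))
        print("other account can delete:", audit(root, owner + 1))
```

Run it with the uid of each service or user account that can reach the backup path; any file it lists is one that account could remove if compromised.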

We also talk about the history of tape versus disk, why tape's air-gapped nature provided security we took for granted, and how technologies like LTO-10 are still relevant in 2026. Plus, I mention my upcoming book with Dr. Mike Saylor, "Learning Ransomware Response and Recovery," which covers these topics in depth.

If your backups aren't protected by immutable storage, you're leaving yourself exposed. The threat actors are coming for your backups. Make sure they can't get to them.
🔗 Learn more: https://www.backupwrapup.com/
📖 Book: "Learning Ransomware Response and Recovery" - Available on O'Reilly Learning Platform now, print edition March 2026

TIMESTAMPS:
0:00 - Episode intro
1:24 - Welcome & co-host Prasanna Malaiyandi
3:16 - "Grandpa's talking about tape again"
4:04 - Explaining tape for the modern audience
5:12 - How tape drives work (cassettes vs cartridges)
6:45 - Signal to noise ratio & why tape needs speed
9:07 - The bits got closer, the tape got faster
10:54 - The shoe-shining problem explained
11:30 - Everyone complained - enter disk staging
12:27 - 1999: Deduplication changes everything
13:08 - Avamar, Data Domain & dedupe storage
14:51 - SATA/nearline disks make it affordable
15:35 - The benefits of disk-based backup
15:47 - Backup verification with Veeam SureBackup
17:00 - Replication: No more "man in a van"
18:06 - Virtual synthetics explained
20:22 - "But it all sounds amazing..."
20:29 - THE PROBLEM: RM -r / DEL *.*
21:51 - Default setups: E:\backups vulnerability
22:27 - Veeam acknowledged the threat
23:43 - Backups are the #1 ransomware target
24:20 - Obfuscation & renaming strategies
25:08 - Get backups out of user space
26:26 - Immutability, immutability, immutability
27:00 - The bear analogy: outrun the other guy
27:32 - Book mention: Learning Ransomware Response & Recovery
28:11 - "Disk is awesome, except when it's not"
30:00 - Wrap-up and closing
#backup #ransomware #cybersecurity #dataprotection #immutablebackup #diskbackup #ITsecurity

While you're here, here are some other great episodes:
https://www.youtube.com/watch?v=ZZGn5xlYTec
https://www.youtube.com/watch?v=nHz5hGZy0nY&t=2s
https://www.youtube.com/watch?v=ov834MWoBXg&t=2s

This YouTube channel is also available as an audio podcast!
https://www.backupwrapup.com

We also have a blog that I've been running for over 20 years!
https://www.backupcentral.com

I've also written four O'Reilly books! My latest:
https://www.amazon.com/Modern-Data-Protection-Recoverability-Workloads-ebook/dp/B093TQTBC3