Why cybercriminals specifically target backups
There are two main ways to recover encrypted data after a ransomware attack: restoring from backups and paying the ransom. The attackers also know this and try to deprive companies of a solution by attacking backups. Two problems, same cause: Complete recovery of data after a ransom payment is highly uncertain, because in case of doubt you cannot rely on a promise from cybercriminals. And restoring the data from the backups doesn't work in many cases because the cybercriminals have often encrypted them in order to...