The Backup Wrap-Up

Author: W. Curtis Preston (Mr. Backup)

Description

Formerly known as "Restore it All," The Backup Wrap-up podcast turns unappreciated backup admins into cyber recovery heroes. After a brief analysis of backup-related news, each episode dives deep into one topic that you can use to better protect your organization from data loss, be it from accidents, disasters, or ransomware.  

The Backup Wrap-up is hosted by W. Curtis Preston (Mr. Backup) and his co-host Prasanna Malaiyandi. Curtis' passion for backups began over 30 years ago when his employer, a $35B bank, lost its purchasing database – and the backups he was in charge of were worthless. After miraculously not being fired, he resolved to learn everything he could about a topic most people try to get away from.  His co-host, Prasanna, saw similar tragedies from the vendor side of the house and also wanted to do whatever he could to stop that from happening to others.

A particular focus lately has been the scourge of ransomware that is plaguing IT organizations across the globe.  That's why in addition to backup and disaster recovery, we also touch on information security techniques you can use to protect your backup systems from ransomware.  If you'd like to go from being unappreciated to being a cyber recovery hero, this is the podcast for you. 
321 Episodes
Deepfake attacks are exploding, and your company is probably not ready. In this episode of The Backup Wrap-up, we dive into how cybercriminals are using AI to clone voices and create fake videos to authorize fraudulent wire transfers and reset credentials. With nearly 50% of businesses already experiencing deepfake attacks, this isn't a future problem – it's happening right now. We break down the two main attack vectors: authorization fraud (where fake CEOs trick employees into wiring money) and credential theft (where attackers reset passwords and MFA tokens). More importantly, we give you actionable defense strategies: multi-channel verification protocols, callback procedures for sensitive transactions, employee training programs, and break-glass scenarios. You'll learn what not to rely on (spoiler: caller ID is worthless) and why policy and procedure matter more than technology alone. This is a must-listen for anyone responsible for security or financial controls.
When cyber attack notification goes wrong, companies face a disaster worse than the original breach. This episode dives deep into the critical mistakes organizations make when communicating about security incidents - and why transparency beats secrecy every time. We examine real-world failures like LastPass and Rackspace, where poor communication strategies amplified the damage from their cyber attacks. From legal requirements in California and GDPR to the new one-hour notification rules in China, we cover what regulations demand and why going beyond compliance makes business sense. Learn how to create effective status pages, manage customer expectations during recovery, and avoid the death-by-a-thousand-cuts approach that destroys trust. We share practical strategies for early and frequent communication that can actually strengthen customer relationships during crisis situations.
Insider threats represent one of the most dangerous cybersecurity risks facing organizations today - and they're way more common than you think. In this episode of The Backup Wrap-up, we explore the three main types of insider threats: compromised employees who get extorted or have their credentials stolen, disgruntled workers who want revenge after getting fired, and outside attackers who infiltrate your company to become malicious insiders. We break down real-world scenarios and discuss how to protect against them using least privilege principles, monitoring systems, and immutable backups. You'll learn why 31% of insider threat incidents could have been prevented if someone had spoken up, and why immutable backups are your last line of defense when an insider goes rogue. This is a must-listen for anyone responsible for data protection and cybersecurity.
Advanced persistent threats represent one of the most dangerous cyber security challenges facing organizations today. These long-term, stealthy attacks allow hackers to maintain undetected access to networks for extended periods. In this episode, we analyze multiple APT scenarios from Mr. Robot, including the Evil Corp hack, Ollie's compromised laptop, and the Dark Army's infiltration of Allsafe. We explore how threat actors establish footholds, maintain persistence, and operate across different network segments. From Raspberry Pi devices hidden in executive washrooms to compromised thermostats communicating with other facilities, we examine the various ways APTs can manifest. Our discussion covers detection methods, the importance of monitoring new devices, and why proper incident response goes far beyond simple malware scans. Learn the red flags to watch for and why machine learning tools are becoming critical for identifying suspicious network behavior.
This episode of The Backup Wrap-up examines cybersecurity situational awareness through the lens of Mr. Robot's prison break episode. Curtis and Prasanna analyze the technical accuracy of USB stick attacks, Bluetooth car hacking, and social engineering tactics. The hosts discuss real-world defenses including USB port management, network segmentation, and employee training. They explore WPA2 encryption vulnerabilities and why upgrading to WPA3 matters for wireless security. The conversation covers practical cybersecurity situational awareness lessons, from recognizing physical security threats to monitoring network traffic patterns. Curtis shares war stories about malware-infected conference USB sticks, and both hosts examine how poor cybersecurity situational awareness enabled the fictional attacks. This episode provides actionable insights for IT professionals looking to strengthen their organization's security posture against USB-based threats, Bluetooth exploits, and social engineering campaigns.
Learn the ins and outs of honeypot server deployment and management in this episode of The Backup Wrap-up. We break down the cybersecurity concept using examples from Mr. Robot episodes 1.6 and 1.7, showing how these deceptive systems can catch both external attackers and insider threats. A honeypot server works by creating an enticing target that looks valuable but contains no real business data. The key is making it accessible through common exploits and monitoring every access attempt. Curtis and Prasanna discuss real-world implementation strategies, from naming conventions to network placement, and explain why the honeypot only works if attackers don't know it exists. They also cover the critical importance of remote log storage for forensic analysis and how these systems can reveal attack patterns and entry points during incident response.
Privilege escalation attacks represent one of the most dangerous cybersecurity threats facing organizations today. In this episode of The Backup Wrap-Up, we analyze how threat actors use initial access to gain higher privileges and compromise entire networks. Through examples from Mr. Robot, we explore both vertical privilege escalation (exploiting vulnerabilities for admin access) and horizontal attacks (spreading through shared systems). Learn why backup administrators often become prime targets for privilege escalation and how proper security controls can prevent these attacks. We discuss real-world cases including the Target breach via HVAC systems and recent ransomware campaigns using social engineering for privilege escalation. Discover how IoT devices create attack vectors, why physical security remains crucial, and how immutable backups protect against privilege escalation attempts. Perfect for IT professionals seeking to understand and defend against these sophisticated attack methods. Mentioned in the episode: https://www.backupwrapup.com/tape-drive-designer-schools-mr-backup-on-tape/ https://www.backupwrapup.com/red-team-cyber-security-strategies/ Pre-order Learning Ransomware Response & Recovery: https://www.amazon.com/Learning-Ransomware-Response-Recovery-Stopping/dp/1098169581
This episode examines cybersecurity in the workplace through the lens of Mr. Robot's "Exploits" episode, where social engineering takes center stage. Curtis Preston and Prasanna break down how Elliot infiltrates Steel Mountain data center using badge cloning, psychological manipulation, and fake identities. The hosts analyze real-world implications of these attacks, from coffee shop badge theft to exploiting lonely employees. They discuss critical gaps in physical security protocols and explain why cybersecurity in the workplace fails when organizations rely on single points of security. Key topics include visitor badge systems, tailgating prevention, security camera monitoring, and building a culture where employees feel empowered to challenge unauthorized access. The episode reveals how most workplace breaches happen through human exploitation rather than technical hacking, making employee training and robust security protocols critical for protecting sensitive data and systems.
Social engineering attacks are becoming more sophisticated, and this episode of The Backup Wrap-up explores real-world tactics through our Mr. Robot series analysis. Curtis and Prasanna examine how social engineering works, from Instagram stalking to phone compromise, and discuss actual ransomware groups like Scattered Spider who use social engineering to impersonate employees and reset passwords. We break down the hospital hacking scene, revealing how underfunded IT departments create vulnerabilities that social engineering attacks exploit. The episode also covers email security, backup system risks, and the Sony hack parallels shown in the series. Learn how to protect your organization from social engineering by understanding what information to keep private, how to properly fund cybersecurity, and why your backup systems need protection from social engineering tactics.
Reconnaissance in cyber security isn't just about scanning networks; it's about understanding your entire attack surface, including the human element. In this episode, Curtis and Prasanna analyze Mr. Robot season one, episode two (AKA ep 1.1), to explore how sophisticated threat actors conduct reconnaissance before major attacks. Learn how F Society mapped Evil Corp's infrastructure, identified backup locations like Steel Mountain, and used human intelligence to target vulnerable employees. We discuss the reality that attackers will spend months researching your organization, mapping your networks, and identifying weaknesses in both your technology and your people. The hosts break down practical reconnaissance techniques, from social engineering tactics (like the CD attack on Angela and Ollie) to digital network mapping. You'll discover why backup systems are prime targets for reconnaissance and how proper network segregation can limit blast radius when - not if - you're compromised.
Learn how social engineering attacks really work by analyzing the cybersecurity lessons from Mr. Robot's pilot episode. Curtis Preston and Prasanna Malaiyandi break down real-world social engineering tactics used by cybercriminals to manipulate victims into revealing sensitive information. This episode covers social engineering phone scams targeting even cybersecurity professionals, the dangers of AI-powered voice cloning in modern attacks, and practical defense strategies. Discover why security questions should never be answered truthfully, how to verify suspicious calls claiming to be from banks or family members, and the importance of "trust but verify" principles. The hosts also examine insider threats in cybersecurity firms, discuss the role of OSINT (Open Source Intelligence) in attacks, and explain honeypot detection systems. Plus, learn about proper backup storage security and why offsite, air-gapped backups remain critical for ransomware protection. Get actionable tips to protect yourself and your organization from increasingly sophisticated social engineering schemes. Disclaimer: The Backup Wrap-up is not affiliated with the Mr. Robot show nor the network on which it airs. But we think you should go watch it!
The insider threat represents one of the most dangerous and overlooked cybersecurity challenges facing organizations today. In this episode of The Backup Wrap-up, W. Curtis Preston and Prasanna explore the three distinct types of insider threats that can devastate your organization from within. From malicious employees seeking revenge to careless workers who fall for social engineering, insider threats come in many forms. The hosts examine real-world cases including the Coinbase breach through compromised contractors, Apple's lawsuit against an employee who stole Vision Pro secrets, and the infamous logic bomb attack that destroyed an entire company's data. Learn practical strategies for implementing least privilege access, immutable backup protection, and multi-person authentication controls. Discover why 83% of companies experienced some form of insider threat attack in 2024, and get actionable advice on security training, vendor management, and incident response planning to protect your organization's most critical assets.
This episode explores surprising cyber security lessons hidden within Mission: Impossible's latest blockbuster. We analyze how Hollywood's depiction of AI threats, immutable backups, and air-gapped storage actually reflects real-world data protection challenges. Curtis and Prasanna dissect the movie's central premise: an AI entity altering digital reality, making it impossible to distinguish truth from fiction. The solution? An underwater Doomsday Vault containing an immutable, offline backup of the original source code. We discuss how this fictional scenario mirrors actual cybersecurity best practices, from 3-2-1 backup strategies to cryptographic hash verification. Key topics include the spectrum of immutability, why truly offline storage matters for ransomware protection, and how insider threats can compromise even the most secure systems. We also cover practical applications like object storage, SHA-256 hashing, and the human vulnerabilities that often undermine technical security measures. Whether you're a backup professional or just curious about data protection, this episode proves that sometimes the best cyber security lessons come from the most unexpected places.
The EU cloud exit movement is reshaping how European organizations think about data storage and sovereignty. Companies across Europe are moving away from US-based cloud providers like Microsoft 365, AWS, and Google Workspace due to concerns about the Cloud Act and data privacy regulations. In this episode, Curtis and Prasanna explore the backup implications of this major shift. They discuss the challenges of replacing comprehensive platforms like Microsoft 365 with multiple EU-based providers, the complexities of bringing services back in-house, and why the 3-2-1 backup rule becomes even more critical during these transitions. Whether organizations choose local providers or decide to self-host their infrastructure, data protection remains paramount. The hosts share real-world examples of failed backup strategies, including the Rackspace Exchange disaster and OVH's data center fire, to illustrate why third-party backup solutions are necessary regardless of your hosting choice.
Air gap has become one of the most overused and misunderstood terms in backup and recovery. In this episode, W. Curtis Preston and Prasanna explore what air gap really means, tracing its origins from the days when everyone used tape storage to modern virtual implementations. They discuss how true air gap required physical separation - tapes stored offsite at facilities like Iron Mountain - and why this gold standard is nearly impossible to achieve with today's connected backup systems. The conversation covers modern alternatives including immutable storage, IAM-based protection, and simulated air gaps that disconnect network connections when not actively replicating. Curtis and Prasanna explain why ransomware has made air gap more important than ever, and provide practical guidance for evaluating vendor claims about air gap capabilities in cloud and hybrid environments.
The largest data breach in recent memory has exposed 16 billion login credentials across multiple databases, and we're here to help you understand what it means for your security. This massive exposure involves data stolen primarily through infostealer malware rather than a single company breach. Join W. Curtis Preston, Dr. Mike Saylor, and Prasanna Malaiyandi as they break down this complex security incident. Learn why this largest data breach is actually a compilation of stolen credentials from various sources, how infostealer malware works, and why your browsing habits might be putting you at risk. The team discusses practical security measures including proper browser hygiene, multi-factor authentication best practices, and password management strategies. Mike shares eye-opening insights about session security and why having multiple browser tabs open during sensitive activities could compromise your accounts. Get actionable advice on protecting yourself from the fallout of this massive credential exposure.
This episode breaks down snapshot backup fundamentals, covering the key differences between traditional storage snapshots and cloud-based approaches. Curtis and Prasanna explain copy-on-write versus redirect-on-write methods, performance implications, and why some snapshot systems can degrade performance by up to 50%. Learn about NetApp's redirect-on-write innovation, VMware's unique approach, and how AWS "snapshots" are actually more like traditional backups. The hosts discuss critical concepts like read-only snapshot properties, storage space management, and the importance of copying snapshots to create true backups that follow the 3-2-1 rule. Whether you're managing traditional storage arrays or cloud infrastructure, this episode provides practical guidance on turning snapshots into effective backup strategies. Topics include performance optimization, immutable storage considerations, and real-world implementation challenges that every IT professional faces.
Human error has replaced hardware failures as the primary driver of data loss and restore operations in modern IT environments. This episode explores real-world examples of how both end users and administrators create the need for backup and recovery operations through accidental deletions, configuration mistakes, and poor processes. W. Curtis Preston shares war stories from his decades in the industry, including incidents involving accidental directory deletions, source code stored in temporary folders, and tape library disasters. The discussion covers how technology improvements like RAID and solid-state drives have made hardware more reliable, shifting the focus to human-related incidents. The hosts also examine insider threats and the importance of implementing proper controls around privileged access. Learn why understanding human error patterns is critical for designing effective backup and recovery strategies that account for the reality of how data actually gets lost.
Learn how to extract measurable ROI from your backups beyond traditional disaster recovery. Curtis and Prasanna explore proven strategies for extracting business value from backup infrastructure through test and development environments, security monitoring, compliance checking, and AI-powered analytics. Discover why the shift from tape to disk storage created new opportunities for ROI from backups, including instant restore capabilities and data mining applications. The hosts share real-world examples of organizations using backup data for threat detection, regulatory compliance, and business intelligence. From Veeam's AI integration to copy data management techniques, this episode reveals practical approaches to transform backup systems from cost centers into value generators. Whether you're struggling to justify backup expenses or seeking ways to leverage existing investments, these ROI from backups strategies can help extract maximum value from your stored data.
World Backup Day falls on March 31st - the day before April Fool's Day because not backing up your data is no joke. In this episode, hosts W. Curtis Preston and Prasanna Malaiyandi discuss alarming statistics about data loss and why proper backup strategies are essential for business survival. The hosts break down the famous 3-2-1 backup rule and how it applies to both consumers and enterprises. They examine the growing threat of ransomware, including double extortion attacks where criminals not only encrypt your data but threaten to publish it. With 94% of companies that suffer major data loss failing to recover, and 70% of small businesses closing within a year of significant data loss, World Backup Day serves as a crucial reminder to implement robust backup strategies that include immutable storage and protection for often-overlooked SaaS applications. Stories from this episode: https://www.forbes.com/sites/tomcoughlin/2025/03/31/march-31-is-world-backup-day/ https://objectfirst.com/blog/world-backup-day-2025/ https://www.backupwrapup.com/peter-krogh-who-coined-the-3-2-1-rule-on-our-podcast/