Object Storage: The Last Line of Defense Against Ransomware

Ransomware is no longer a distant possibility. It is an inevitability. Estimates report ransomware could cost victims $265 billion annually by 2031, with a new attack launched every two seconds. Backup storage, meant to safeguard business continuity, has now become one of the most frequent targets. Research shows 93% of ransomware attacks attempt to compromise backups in order to force ransom payments.

For disaster recovery and business continuity professionals, this raises an urgent question: is your backup system resilient enough to withstand a direct attack?

Why Immutability Alone Falls Short

For years, immutable storage has been treated as the standard safeguard against ransomware. By preventing data from being altered or deleted during a retention period, immutability adds a strong layer of protection. However, attackers have not stood still. They increasingly use automation, AI, and insider access to bypass or disable these protections.

The result is troubling. Despite broad adoption of immutable backups, the number of victims who paid ransoms more than doubled over the past year. Attackers now aim at APIs, exploit misconfigurations, and in many cases steal data outright. This shift demonstrates that immutability, while critical, cannot be the only line of defense.

The Role of S3-Compatible Object Storage

Object storage has an intrinsic advantage for immutability: unlike file systems, which are designed to allow direct file modifications, it offers no “edit in place” functionality. Unlike traditional file or block storage, it is accessed through “get and put” APIs, so malware and ransomware actors must go through the API to write new objects or overwrite existing ones. As detailed below, leading object stores provide mechanisms to prevent and protect against such events:

  • Object versioning. Every time an object is updated or replaced, object storage preserves the prior version rather than overwriting it. This design provides a natural safety net. If an attacker tries to encrypt data, the original copy remains intact and can be restored. For backup repositories, this capability shortens recovery time and ensures data integrity even after an attack.
  • Granular access controls. Strong identity management and permissions are central to S3-based storage. Administrators can configure access down to the user, group, or workload level. For example, write permissions can be limited to specific applications while human users only have read access. In the event of an attempted compromise, these restrictions reduce the likelihood of broad damage and contain the potential blast radius.
  • Object Lock. One of the most critical features for backup storage is the ability to enforce retention periods that prevent deletion or modification. Once a lock is applied, even privileged administrators cannot alter or remove the data until the retention period expires. This prevents both external attackers and insider threats from tampering with backups, giving organizations assurance that recovery points will always be available.

Together, these capabilities move object storage from being a passive repository to an active participant in an organization’s cyber defense strategy.
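
The three controls above can be checked together. The following is an added example, not code from the original article or from any vendor: a Python audit over inputs assumed to follow the AWS S3 API response shapes for GetBucketVersioning, GetObjectLockConfiguration and the bucket policy. The function names, the 30-day threshold, the list of risky actions and both sample configurations are assumptions constructed for illustration.

```python
from fnmatch import fnmatchcase

# Actions that let a principal delete recovery points or weaken retention.
RISKY = ("s3:DeleteObjectVersion", "s3:PutBucketVersioning", "s3:BypassGovernanceRetention")

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_backup_bucket(versioning, object_lock, policy, min_days=30):
    """Return findings for one backup bucket; an empty list means no findings."""
    findings = []
    if versioning.get("Status") != "Enabled":
        findings.append("versioning is not enabled")
    lock = object_lock.get("ObjectLockConfiguration", {})
    rule = lock.get("Rule", {}).get("DefaultRetention")
    if lock.get("ObjectLockEnabled") != "Enabled":
        findings.append("object lock is not enabled")
    elif not rule:
        findings.append("object lock has no default retention rule")
    else:
        # GOVERNANCE can be bypassed with s3:BypassGovernanceRetention; COMPLIANCE cannot.
        if rule.get("Mode") != "COMPLIANCE":
            findings.append(f"default retention mode is {rule.get('Mode')}")
        days = rule.get("Days", 0) + 365 * rule.get("Years", 0)
        if days < min_days:
            findings.append(f"default retention {days}d is under {min_days}d")
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for pattern in as_list(stmt.get("Action", [])):
            # IAM action names are case-insensitive and may contain wildcards.
            hits = [a for a in RISKY if fnmatchcase(a.lower(), pattern.lower())]
            if hits:
                findings.append(f"{stmt.get('Sid', '?')} allows {', '.join(hits)}")
    return findings

# Constructed sample configurations (not taken from any real deployment).
WEAK = dict(
    versioning={"Status": "Suspended"}, object_lock={},
    policy={"Statement": [{"Sid": "Admins", "Effect": "Allow", "Action": "s3:*"}]})
HARDENED = dict(
    versioning={"Status": "Enabled"},
    object_lock={"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 30}}}},
    policy={"Statement": [{"Sid": "BackupApp", "Effect": "Allow",
                           "Action": ["s3:PutObject", "s3:GetObject"]}]})

if __name__ == "__main__":
    print(audit_backup_bucket(**WEAK), audit_backup_bucket(**HARDENED))
```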

End-to-End Cyber Resilience

As ransomware continues to evolve, organizations must design storage strategies that protect at every level. Cyber resilience in the storage layer involves a layered defense that spans architecture, APIs, and operational practices. Key principles include:

  • Data protection that resists tampering. Immutability is foundational, but when combined with versioning, replication, and intelligent monitoring, it creates an environment where attackers struggle to make lasting changes. Even if malicious encryption occurs, recovery points remain viable.
  • Assurance of data sovereignty. Regulations such as GDPR, HIPAA, and SEC 17a-4 increasingly require organizations to demonstrate control over where and how data is stored. Object storage deployed on-premises or in a hybrid model allows enterprises to meet these requirements while still benefiting from cloud-native scalability. By maintaining control, organizations reduce both compliance risks and the potential for unauthorized access.
  • Support for operational continuity. Business continuity is not just about restoring data after an incident. It also involves maintaining availability during an attack and minimizing downtime. A resilient storage platform provides reliable performance under stress, rapid failover, and recovery workflows that integrate seamlessly with backup software. This ensures operations can resume quickly, limiting financial and reputational damage.
  • Future-ready design. Attackers are not static. They adopt AI-driven tools, social engineering tactics, and new forms of exploitation. Storage systems must be built with flexibility to adapt to these evolving techniques. This includes supporting ongoing software updates, integrating with security monitoring tools, and being designed with extensibility for emerging standards and practices.

Why This Matters for Enterprises and Technology Partners

The consequences of a successful ransomware attack extend far beyond financial loss. For enterprises, the risks include downtime, data integrity concerns, regulatory penalties, and lasting damage to customer trust. Backup failures can directly translate into lost revenue and contractual breaches.

For third-party IT partners, the stakes are even higher. Multi-tenant environments mean that a single breach could impact dozens or hundreds of fellow customers. A successful data center attack not only disrupts service but also undermines the partner’s reputation for reliability. Technology partners must demonstrate their infrastructure can isolate tenants, withstand attacks, and deliver continuous availability even in adverse conditions.

In both cases, cyber-resilient storage is no longer optional. It is the backbone of trust and continuity in a digital economy where data is both the most valuable asset and the most frequent target.

A Call to Action

Traditional backups cannot meet the challenges posed by modern ransomware. Business continuity leaders should prioritize S3-compatible object storage with ransomware-proof capabilities such as object locking, versioning, and multi-layered access controls. Just as importantly, they should evaluate whether their current storage platforms deliver end-to-end cyber resilience that spans both technology and process.

Backup storage represents the final safety net in a layered security strategy. Ensuring it can withstand sophisticated, targeted attacks is fundamental to resilience. Organizations that invest in this level of preparedness will not only protect their data but also maintain customer trust, meet regulatory obligations, and ensure continuity in the face of an increasingly hostile threat landscape.

ABOUT THE AUTHOR

Paul Speciale

Paul Speciale is a data storage and cloud industry veteran with more than 20 years of experience with small and large companies. Speciale is the chief technology evangelist and CMO for Scality, leading the team across activities ranging from building awareness to content development and lead generation, as well as being a spokesperson for the company.
