Commvault is urging organisations to fundamentally reassess their cyber resilience strategies as AI-powered attackers increasingly target backup and recovery infrastructure, leaving victims unable to restore operations. The concern is that traditional backup plans are insufficient if they are not regularly tested and hardened against modern threat actors who specifically seek to neutralise recovery capabilities. This matters because the failure point is no longer just data loss — it is the complete inability to recover.

Architect’s Take: Conduct immutable backup validation and regular recovery rehearsals in isolated environments; ensure your backup control plane and admin credentials are air-gapped or protected by separate identity controls from your primary estate to prevent attackers from disabling recovery options before deploying ransomware.

Original advisory: Commvault says it’s time to rethink resiliency as AI crooks leave victims in a ‘dark, dead’ state