- Recent Marks & Spencer attack reveals flaws in current enterprise backup strategies
- HyperBUNKER pushes offline storage while critics question cost and practicality
- Data diodes create one-way channels, keeping vaults disconnected from networks
Major UK retailer Marks & Spencer (M&S) was recently hit by a ransomware attack WHICH disrupted internal systems and reportedly locked employees out of critical files.
The incident is part of a broader trend of cybercriminals targeting large organizations with ransomware attacks and demanding payment to restore access.
This hack could have been prevented if backups were isolated, thereby preventing attackers from encrypting or deleting M&S’s data, but this “unhackable” approach brings its own financial burdens.
Data diodes and physical isolation as last-resort protection
HyperBUNKER, a Zagreb-based spinoff of InfoLAB, promotes its diode-based offline vault as a safeguard against such breaches.
This system writes backups using data diode technology, a method that creates a strictly one-way “data-in” channel.
The backups are stored on SSDs or disk drives in a rack-shelf chassis, disconnected entirely from external networks.
This idea, familiar in nuclear facilities and military installations, has rarely been seen in everyday enterprise data protection.
The company insists its vault remains invisible within network infrastructures and therefore unreachable to hackers.
“You see servers and drives shipped in [to InfoLAB] from all over Europe, companies locked out of their own data. And why does this happen if they have perfect cyber protection tools?” investor and advisor Matt Peterman told Blocksandfiles.
“Sometimes, it is due to hardware failure, and often due to ransomware. And in those ransomware cases, Nino [Nino Eškić, InfoLAB’s CEO] could do very little except suggest negotiating through brokers. That frustration is what pushed him to design an offline protection that actually preserves the most critical data.”
HyperBUNKER claims its patented optical isolation and “butlering logic,” introduced in October 2024, avoids vulnerabilities tied to network protocols or handshake exploits that have plagued earlier diode-based systems.
Despite its promise, the concept raises concerns because traditional backups have collapsed or were bypassed in the past.
This happened in cases involving Capital Health, Community Health Systems, Veeam clients, and the NHS.
Offline storage is not a magic shield, although HyperBUNKER claims “the only vulnerability is the physical theft of the device.”
Distributing units and encrypting stored data can reduce risk, yet doing so multiplies logistical and financial demands.
Enterprises already juggling multiple backup solutions might hesitate to invest in a secondary “backup of backups.”
While the device is marketed as simple, removing dependence on complex protocol stacks, its effectiveness depends on careful handling and secure locations.
Businesses weighing this approach must consider whether the costs, logistics, and potential for physical theft outweigh the protection offered.
Add Comment