My First Step as a Hacker

Partnership: SafeSpring x IssTech
Written By Christian Petersson

This autumn, the team at IssTech will create a series of blogs and videos. As a Kubernetes Backup Expert, writing this blog post, I will be pretending to be a hacker. In this series, I will, in theory, "hack" one of our customer's Kubernetes environments to see if they can recover from each attack without a backup.

Why This Experiment?

This experiment is a collaboration between IssTech and SafeSpring. At IssTech, we’re beginning to observe this trend, though we’re still on a learning curve when it comes to fully understanding the role of backup in Kubernetes. As part of this initiative, we’ve involved one of our customers who manages multiple Kubernetes deployments. They believe backup may not be necessary, and they’re ready to prove us wrong. 

Throughout 2024 and 2025, the team at IssTech met with numerous Kubernetes engineers, especially consultants, who are focused solely on Infrastructure as Code and are hired to set up a Kubernetes environment and a CI/CD pipeline. Many of them have told us at IssTech that a "proper" Kubernetes environment doesn't need a backup. As experts in the area of backup, this isn't the first time we've heard this. The same claim was made when the following technologies were announced:

  • Snapshots

  • Microsoft Exchange Database Availability Group

  • Microsoft 365

  • Google Workspace

  • Cloud infrastructure, and more.

And as experts, we have always maintained that you need a backup, it won't protect you from everything, but it is essential. So far, we've been 100% correct. I can understand why some believe that. If the only problems in our IT infrastructure were hardware failures and human mistakes, technologies like High Availability Clusters, Dual Clusters, Erasure Coding, and container security controls (AppArmor) would protect you in 99.999999999% of cases. 

However, today, hardware failures and the famous legacy "Windows Blue Screen" are not the most common disasters. Today, the most common disaster is ransomware. In 2025, almost everyone backs up their cloud infrastructure and SaaS services like Online LDAP (Entra ID), CRM (Salesforce), and Online E-mail systems (Microsoft 365). But very few are backing up their Kubernetes environments. Why?

Protect for external Ransomware, but not the internal threats

Ransomware is a commonly-named threat, and I'm sure that all companies are protecting themselves against it in some way. We at IssTech build multiple walls of protection by educating staff to be suspicious, implementing tools like XDRs to identify suspicious behaviors with AI, and using firewalls and proxies to minimize the risk of incoming and outgoing communications. We even use AI scanning tools to search our code and its dependencies for CVEs.

But the real issue is probably not someone knocking on your front door and trying to step in. The problem could rather be internal. Maybe one of your employees had too much fun last weekend, maxed out their credit card, and now needs money to pay the bill. Or perhaps they have a gambling problem or are just angry at your company because of a bad manager.

A scenario which has happened: you have a trusted provider who has been hacked, and their computer or software is now infecting your environment. Happening to a large grocery chain in Sweden, where a trusted piece of software was hacked and encrypted a significant number of their servers.

Whatever the reason, sooner or later, your company will face a hack. During this blog series, we'll discuss multiple disaster scenarios. A few will be easy to solve without a backup, but the deeper we go down this rabbit hole, the more we'll find scenarios where your only option is to have an immutable backup solution that protects your data and containers. It will be the only way out.

What is IssTech?

IssTech is a dynamic company specializing in data protection for modern IT environments, from Kubernetes and automation to cloud and SaaS. Our goal is simple: to keep you secure when it matters most. With over 20 years of industry experience behind us, we combine deep expertise with a passion for innovation. As a fast-growing company, we work with leading businesses to deliver secure, future-proof solutions in DevOps and cloud. 

Join our newsletter and follow IssTech on our journey, "My Life as a Hacker."

Christian Petersson
Next

Installing GitLab + Backup on Kubernetes - Part 1