I know our fellow friends at Veeam tell us all the time why offsite backups are import, but here is one of the worse case scenarios that has just played out for a company in Australia,
While our server admin was distracted by the DDoS attack, the hackers simultaneously infiltrated the server, escalated their privileges and delivered a seek and destroy payload. This payload located and destroyed all backup disk drives....
https://www.crn.com.au/news/perth-web-h ... ost-496455?
Also ensure you test your offsite backups too, a backup is not a backup unless it can be restored.