The big change is that many places now send data to an offsite location (or cloud!) through a network instead of physically moving tapes, and the attacker can often use the same network connection to destroy backups.
I think most backup providers (e.g. rsync.net) allow and encourage read-only backups.
The bigger issue is that nowadays organizations have lots of interdependent systems, and if you seize the data of one, you basically cripple the entire organization. So for each system you need to institutionally require both backups and backup testing procedures, which is easier said than done.
The bigger issue is that nowadays organizations have lots of interdependent systems, and if you seize the data of one, you basically cripple the entire organization. So for each system you need to institutionally require both backups and backup testing procedures, which is easier said than done.