Simply stated, if you can "see" your backups from your computer or server, they are exposed to hackers.
For example, you have a USB drive with the letter F: for backups. You can see it in Windows File Explorer.
Unfortunately, hackers can attack these onsite backups unless you, and they, can't see them.
How do you make your local backups invisible to cyber attackers?
A network attached storage (NAS) device delivers the most automatic, trouble-free, protected, unexposed defense against an attack against your priceless files and data.You get an impressive level of protection for as little as $137 using a Synology DS120j - $99.99 and an HP Constellation or HGST renewed 2 TB enterprise-quality drive - $36.99. The Synology NAS comes with backup programs to protect your files.
The trick with a NAS is not to map your backup folder as a drive. You don't want to see it. That way, hackers won't see it either. Make the NAS backup folder accessible only to a particular user that you define in the NAS, not in your network or you computer. Your backup software connects with that user. You keep the username, password and instructions in a safe location in case you need to restore files from your NAS backups.
You can achieve a similar result with an external hard drive. It is not quite as safe and a bit more complicated to set up. But your cost drops to $54 for a 2TB USB hard drive. A tiny utility program can be used to mount your external hard drive before each backup and unmount it afterwards. This approach is less safe because smart malware knows how to look for and mount your unmounted drives. Still, it gives you protection against a wide range of garden-variety malware.
Don't forget that you need multiple defenses to counter the range of cyber threats. Cloud backups are your lifeboat if a flood, hurricane, tornado, break-in or fire destroys your computers and your onsite backups. Excellent antivirus systems and firewalls can stop criminals from breaching your systems, stealing your files and extorting you.