I read this as concerning ransomware attacks. Thankfully I have yet to hear about ransomware that disables and destroys backups, but I would not be surprised if that was a next move.
Duplicati can support this (as mentioned by @JonMikelV)m, because Duplicati is designed to never update a remote file. You need to have a backend that allows you to write new files, but not update or delete the files.
If you have that, you can simply set “keep backups forever” and --no-auto-compact and you are good to go.
I know that S3 can be set up with an IAM policy that prevents deletion, but it does not prevent overwriting a file (uploading a new zero byte file has the same effect really). You can set up S3 buckets to make a copy of new files, but this will cost you in storage fees.
If you have control over the server, you can set permissions to “read-only” a little while after a file has been uploaded to achieve the same effect.