Hello,
Suppose we backup VMs using the free edition to a network share. In a ransomware breach, are the backed up files infected? Does the paid edition make difference with the free in that case?
Best regards
Kostas
-
costasppc
- Influencer
- Posts: 22
- Liked: never
- Joined: Mar 30, 2014 2:39 pm
- Full Name: Kostas Backas
- Contact:
-
Mike Resseler
- Product Manager
- Posts: 8191
- Liked: 1322 times
- Joined: Feb 08, 2013 3:08 pm
- Full Name: Mike Resseler
- Location: Belgium
- Contact:
Re: Backed up files and Ransomware
Kostas,
It depends on the ransomware. We store our backups in a VBK format. If the ransomware actively targets that extension, then yes, the backup files itself can be infected.
There is no difference between the paid and free version. When you want to make sure that the backup files are not infected, you need to implement security on the file share so that the ransomware cannot use the current account from the VMs to browse the network. That's why you should look into a dedicated account to access the network share
Brgds,
Mike
It depends on the ransomware. We store our backups in a VBK format. If the ransomware actively targets that extension, then yes, the backup files itself can be infected.
There is no difference between the paid and free version. When you want to make sure that the backup files are not infected, you need to implement security on the file share so that the ransomware cannot use the current account from the VMs to browse the network. That's why you should look into a dedicated account to access the network share
Brgds,
Mike
-
costasppc
- Influencer
- Posts: 22
- Liked: never
- Joined: Mar 30, 2014 2:39 pm
- Full Name: Kostas Backas
- Contact:
Re: Backed up files and Ransomware
Thank you very much,
Thats what I will do in the 1st place, wondering if backup encryption from within the backup application will add an extra layer of security.
Best regards
Kostas
Thats what I will do in the 1st place, wondering if backup encryption from within the backup application will add an extra layer of security.
Best regards
Kostas
-
Mike Resseler
- Product Manager
- Posts: 8191
- Liked: 1322 times
- Joined: Feb 08, 2013 3:08 pm
- Full Name: Mike Resseler
- Location: Belgium
- Contact:
Re: Backed up files and Ransomware
Kostas,
Encryption within the backup layer won't provide you with an additional defense against this specific threat. It does against other things. But ransomware can still encrypt an already encrypted file
Encryption within the backup layer won't provide you with an additional defense against this specific threat. It does against other things. But ransomware can still encrypt an already encrypted file
-
Dima P.
- Product Manager
- Posts: 14726
- Liked: 1707 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: Backed up files and Ransomware
More likely backup copy job to another backup location, backup to rotated media (and storing this media offline) or backup to tape will help to keep you backups safe.wondering if backup encryption from within the backup application will add an extra layer of security.
-
costasppc
- Influencer
- Posts: 22
- Liked: never
- Joined: Mar 30, 2014 2:39 pm
- Full Name: Kostas Backas
- Contact:
Re: Backed up files and Ransomware
Backup to another location is what we will use.
Best regards
Kostas
Best regards
Kostas
-
Andreas Neufert
- VP, Product Management
- Posts: 7081
- Liked: 1511 times
- Joined: May 04, 2011 8:36 am
- Full Name: Andreas Neufert
- Location: Germany
- Contact:
Re: Backed up files and Ransomware
General Tips for Backup Targets in such situations:
If you place Backups (and BCJ Backup Files) on Windows Repositories, do not add these Server to a domain. User other Windows accounts and passwords as usual. Only give Veeam the Username and password. Do not login from any other windows system to this server. Use a console connection if needed.
Place your backup on Linux Repositories that are as well not member of any domain or other central accessible system.
If you use CIFS shares or Dedup Devices. Only give Veeam the account. Do not add the share to the windows system and do not login/connect from any other system to it.
If possible you can create snapshots on the target storage system to have a "copy" that is not in the reach of any software/account.
Backup 2 Tape can protect you as well.
If you place Backups (and BCJ Backup Files) on Windows Repositories, do not add these Server to a domain. User other Windows accounts and passwords as usual. Only give Veeam the Username and password. Do not login from any other windows system to this server. Use a console connection if needed.
Place your backup on Linux Repositories that are as well not member of any domain or other central accessible system.
If you use CIFS shares or Dedup Devices. Only give Veeam the account. Do not add the share to the windows system and do not login/connect from any other system to it.
If possible you can create snapshots on the target storage system to have a "copy" that is not in the reach of any software/account.
Backup 2 Tape can protect you as well.
-
foggy
- Veeam Software
- Posts: 21139
- Liked: 2141 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: Backed up files and Ransomware
Another useful thread regarding similar matter.
-
ChrisSnell
- Technology Partner
- Posts: 126
- Liked: 18 times
- Joined: Feb 28, 2011 5:20 pm
- Full Name: Chris Snell
- Contact:
Re: Backed up files and Ransomware
One great way to protect your backups from ransomware is to use ExaGrid appliances with Veeam. Using the Veeam DataMover ensures that the only way to find the Veeam backups is through the Veeam GUI, they aren't visible on the network like normal. Veeam Accelerated Data Mover shares require a separate Veeam password and are accessible only via SSH, which also reduces the chance of malicious access to Veeam backups
Who is online
Users browsing this forum: Majestic-12 [Bot] and 76 guests