![]() (In fact, we issued an alert about this back in December 2013, together with suggestions on how to mitigate the risks – Cryptolocker and the backup impact) ![]() This is an example of the most obvious way that ransomware can infect your backups – from the outside – encrypting the backup file(s) just like it would any other file. So yes, your backups can be infected by ransomware.Īs the hapless admin found out that day, ransomware can infect and corrupt any file connected to the infected machine, whether locally or via a network. The ransomware sprang back to life, and started to encrypt the backup. After the computer passed all the tests, he rebooted and undertook the next step – to plug in the backup (which was a USB disk) and restore the encrypted files.Īnd as he plugged in that backup USB disk… BANG. So he stepped in to help… isolating the computer, booting into a recovery environment and running malware removal tools. His company had suffered a ransomware infection, and this rapidly encrypted files on the victim’s computer. “Ransomware killed my backup!” – but how can this happen?Ī few years ago, a sysadmin called our tech support hotline – and he was not having a good day. And if you become a victim, it’s no different to skydiving with torn parachute – at best you have illusion of resilience, only to find out the truth too late. Looking at the epidemic of ransom payments, it’s obvious that backups can fail with alarming regularity. So can ransomware infect and destroy your backup? There’s nothing worse than having a backup, getting hit with ransomware and still having to pay the ransom.
0 Comments
Leave a Reply. |