Ransomware: Backup won't Save You
Backup is only part of the equation for recovery from Ransomware
This morning, I recorded a podcast about Ransomware with Melissa Palmer (@vMiss33). We introduced Ransomware and why it’s something you should think about beyond just backups.
The podcast will publish next week. But I wanted to get out some essential takeaways beforehand.
Why isn’t back up enough for Ransomware recovery? Well, first off, sophisticated Ransomware targets your backup infrastructure. The first thing it does is go after critical infrastructures such as VMware vSphere and your backups. What happens if your on-disk backups are encrypted. Do you have tape? What if your catalogs were encrypted?
Even worse, what if the encryption was time lapsed with the malware encrypting 1K blocks in your Oracle DB to go undetected for 8-months? How would your recover when the known good backups are stale? Do you have a plan for recovering without losing as little data as possible?