ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Backup File Server to DAS

    Scheduled Pinned Locked Moved IT Discussion
    dasstoragebackupfile server
    497 Posts 13 Posters 411.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @DustinB3403
      last edited by

      @DustinB3403 said:

      @Jason said:

      @IT-ADMIN said:

      because even the ransom will not benefit form the data itself, his concern is wining money

      Not necessarily true.

      Jason the ransom demand maker generally isn't trying to sell trade secrets, they might get lucky and encrypt someone with this kind of information.

      But they aren't copying the data. They're simply encrypting it locally, and passing the decryption key to their server(s).

      So it is true... the ransomers' are not profiting from the data, only from the ransom.

      That is generally true but not universally.

      1 Reply Last reply Reply Quote 0
      • J
        Jason Banned @DustinB3403
        last edited by

        @DustinB3403 said:

        I've yet to see a Cryptoware variant that exports data off of a victims system.

        Please name 1.

        This malware needs to act quickly. It doesn't have time to dick around and upload potentially TB or more of data to encrypt it.

        Just stop trolling, because you clearly are.

        Yes, I'm trolling when we have a IT forenstics team that looks into our attempted attacks. We know what goes on with these, we've looked into it heavily.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @IT-ADMIN
          last edited by

          @IT-ADMIN said:

          OK, can a restore point decrypte the ransomed data ??

          Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.

          If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.

          IT-ADMINI 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @DustinB3403
            last edited by

            @DustinB3403 said:

            This malware needs to act quickly. It doesn't have time to dick around and upload potentially TB or more of data to encrypt it.

            Thats not true. It needs to encrypt quickly. Once encrypted it has free time to upload all that it can.

            1 Reply Last reply Reply Quote 0
            • IT-ADMINI
              IT-ADMIN @scottalanmiller
              last edited by

              @scottalanmiller said:

              @IT-ADMIN said:

              OK, can a restore point decrypte the ransomed data ??

              Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.

              If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.

              for this reason it is very recommended to store your system images in another physical storage not on the same machine

              J scottalanmillerS 2 Replies Last reply Reply Quote 0
              • J
                Jason Banned @IT-ADMIN
                last edited by Jason

                @IT-ADMIN said:

                @scottalanmiller said:

                @IT-ADMIN said:

                OK, can a restore point decrypte the ransomed data ??

                Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.

                If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.

                for this reason it is very recommended to store your system images in another physical storage not on the same machine

                Not just that but preferably with a system that can lock it as read-only once it's backed up. Which is great for audits as well.

                scottalanmillerS 1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @IT-ADMIN
                  last edited by

                  @IT-ADMIN said:

                  @scottalanmiller said:

                  @IT-ADMIN said:

                  OK, can a restore point decrypte the ransomed data ??

                  Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.

                  If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.

                  for this reason it is very recommended to store your system images in another physical storage not on the same machine

                  Correct, but it would need to be one that is decoupled, which is very difficult to do.

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @Jason
                    last edited by

                    @Jason said:

                    @IT-ADMIN said:

                    @scottalanmiller said:

                    @IT-ADMIN said:

                    OK, can a restore point decrypte the ransomed data ??

                    Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.

                    If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.

                    for this reason it is very recommended to store your system images in another physical storage not on the same machine

                    Not just that but preferably with a system that can lock it as read-only once it's backed up. Which is great for audits as well.

                    Decoupled or locked, as Jason points out. It needs to be read only or it will get ransomed too.

                    1 Reply Last reply Reply Quote 0
                    • IT-ADMINI
                      IT-ADMIN
                      last edited by

                      i guess setting up an account on the backup destination so that veeam authenticate against will make the backup decoupled

                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller @IT-ADMIN
                        last edited by

                        @IT-ADMIN said:

                        i guess setting up an account on the backup destination so that veeam authenticate against will make the backup decoupled

                        No, if ANYTHING running on your server can talk to the storage, it is not decoupled. That is tightly coupled. Things like Unitrends appliances stand BETWEEN your systems and the backup storage. That's lightly decoupled. Tapes are fully decoupled.

                        1 Reply Last reply Reply Quote 0
                        • StrongBadS
                          StrongBad
                          last edited by

                          I have heard that a lot of the ransoms are on the low side. Under $1000. Which is a lot of money, but not crippling. Generally a no brainer to a business.

                          1 Reply Last reply Reply Quote 0
                          • J
                            Jason Banned
                            last edited by

                            Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @Jason
                              last edited by

                              @Jason said:

                              Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                              That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.

                              DashrenderD 1 Reply Last reply Reply Quote 0
                              • DashrenderD
                                Dashrender @scottalanmiller
                                last edited by

                                @scottalanmiller said:

                                @Jason said:

                                Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                                That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.

                                What about Veeam End Point Protection?

                                coliverC scottalanmillerS 2 Replies Last reply Reply Quote 0
                                • coliverC
                                  coliver @Dashrender
                                  last edited by

                                  @Dashrender said:

                                  @scottalanmiller said:

                                  @Jason said:

                                  Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                                  That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.

                                  What about Veeam End Point Protection?

                                  I'm having a bit of Dejavu here.

                                  DashrenderD 1 Reply Last reply Reply Quote 0
                                  • DashrenderD
                                    Dashrender @coliver
                                    last edited by

                                    @coliver said:

                                    @Dashrender said:

                                    @scottalanmiller said:

                                    @Jason said:

                                    Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                                    That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.

                                    What about Veeam End Point Protection?

                                    I'm having a bit of Dejavu here.

                                    Well I'm not going to say it can't be scheduled.. so there 😛

                                    1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @Dashrender
                                      last edited by

                                      @Dashrender said:

                                      @scottalanmiller said:

                                      @Jason said:

                                      Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                                      That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.

                                      What about Veeam End Point Protection?

                                      Not decoupled AFAIK, in any way.

                                      coliverC 1 Reply Last reply Reply Quote 0
                                      • coliverC
                                        coliver @scottalanmiller
                                        last edited by

                                        @scottalanmiller said:

                                        @Dashrender said:

                                        @scottalanmiller said:

                                        @Jason said:

                                        Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                                        That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.

                                        What about Veeam End Point Protection?

                                        Not decoupled AFAIK, in any way.

                                        The risk though can be reduced by using a different user account and only using it for this one application.

                                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @coliver
                                          last edited by

                                          @coliver said:

                                          @scottalanmiller said:

                                          @Dashrender said:

                                          @scottalanmiller said:

                                          @Jason said:

                                          Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                                          That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.

                                          What about Veeam End Point Protection?

                                          Not decoupled AFAIK, in any way.

                                          The risk though can be reduced by using a different user account and only using it for this one application.

                                          Yes, but that is the only gap that there is. It is fully coupled to the network.

                                          coliverC 1 Reply Last reply Reply Quote 0
                                          • coliverC
                                            coliver @scottalanmiller
                                            last edited by

                                            @scottalanmiller said:

                                            @coliver said:

                                            @scottalanmiller said:

                                            @Dashrender said:

                                            @scottalanmiller said:

                                            @Jason said:

                                            Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.

                                            That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.

                                            What about Veeam End Point Protection?

                                            Not decoupled AFAIK, in any way.

                                            The risk though can be reduced by using a different user account and only using it for this one application.

                                            Yes, but that is the only gap that there is. It is fully coupled to the network.

                                            Yes, that adds a huge amount of risk.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 8
                                            • 9
                                            • 10
                                            • 11
                                            • 12
                                            • 24
                                            • 25
                                            • 10 / 25
                                            • First post
                                              Last post