Chad Callihan notes an increasingly dangerous problem:
I’m guessing that we’ve all dealt with a computer virus or malware at some point in our lives. Dealing with these issues can range from annoying to absolutely devastating.
Even at their worst, viruses or malware are not typically on the same level as a ransomware attack. Sure, you may hate not being able to access your games or documents on your laptop due to a virus. But when a company is attacked with ransomware there are more financial complications.
Ransomware has picked up steam in recent years, making the idea of keeping backups air-gapped more appealing.
I chatted with a consulting client of mine yesterday about this very thing. One of their customers was hit by a major ransomware attack which put them behind for an entire year (and would have been considerably worse if they hadn’t been using my client’s software, as it has both cloud and on-prem components, so they could safely fall back to the cloud side while they rebuilt their entire on-prem infrastructure from scratch). Recent ransomware will not only encrypt the files on local disk but will also try to figure out where backups get stored, access that location using the backup service account, and encrypt those backup files as well.