Sysadmin

7566 readers

1 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 1 year ago

MODERATORS

DarraignTheSane@lemmy.world

00Lemming@lemmy.world

L3s@lemmy.world

Ransomware and Backups (lemmy.ml)

submitted 11 months ago by Lettuceeatlettuce@lemmy.ml to c/sysadmin@lemmy.world

12 comments fedilink hide all child comments

I'm confused about protecting backups from ransomware. Online, people say that backups are the most critical aspect to recovering from a ransomware attack.

But how do you protect the backups themselves from becoming encrypted too? Is it simply a matter of having totally unique and secure credentials for the backup medium?

Like, if I had a Synology NAS as a backup for my production environment's shared storage, VM backups, etc, hooked up to the network via gigabit, what stops ransomware malware from encrypting that Synology too?

Thanks in advance for the feedback!

you are viewing a single comment's thread
view the rest of the comments

[–] krigo666@lemmy.world 12 points 11 months ago (1 children)

If your backups are visible from the targeted systems, you are doing it wrong. Done right, a backup utility at most only uses an agent on the systems to be able to contact them to get the data and the backups are not reachable.

Have a look at how BackupPC works, not even an agent, it accesses network shares to get the data:

https://backuppc.github.io/backuppc/

[–] Lettuceeatlettuce@lemmy.ml 1 points 11 months ago (1 children)

I'll check out backupPC. What is the most common/best practices way to make sure the backup medium isn't accessible from any endpoints on the network?

[–] lmaydev@lemmy.world 3 points 11 months ago

Unplug it after the backup.