I’m confused about protecting backups from ransomware. Online, people say that backups are the most critical aspect to recovering from a ransomware attack.

But how do you protect the backups themselves from becoming encrypted too? Is it simply a matter of having totally unique and secure credentials for the backup medium?

Like, if I had a Synology NAS as a backup for my production environment’s shared storage, VM backups, etc, hooked up to the network via gigabit, what stops ransomware malware from encrypting that Synology too?

Thanks in advance for the feedback!

  • @dack
    link
    101 year ago

    Immutable/offline backups. If you backup to local physical media (HDD/tape), physically disconnect/eject it and store it somewhere safe. If you back up to cloud storage (S3, etc), many of them have immutability options. If configured properly nobody (not even you) can delete or modify the backups (within the specified time period).