Hi,

Stefan Monnier wrote:
> Plain old HDDs and SSDs also work for "immutable" backups: just don't
> keep them connected to the host after you've done the backup.

But how do you keep the system from messing them up during the first
backup after the malware took over?

Reco wrote before I asked the above question:
> > It's a really simple concept - one host is doing the backup, another one
> > controls where and how it is written.
> > To inflict some damage, one has to compromise both, and frankly if one
> > does not protect their backups properly one has bigger problems to worry
> > about than a "ransomware attack".

In the hypothetical attack scenario the malware is able to encrypt files
to which not everybody is supposed to be able to write.
So the attacker already got the fingers deep in the system and - if
applicable - in the network. The demand for ransom is only the payload
of a skilled system takeover.

So I think the concept of an "immutable" backup is of value in case the
data are worth more than 50 cent per 25 GB and don't exceed a few hundred
GB.
The use of write-once-read-many media is a fine component of a backup
strategy which puts emphasis on protecting the older backups from being
altered or destroyed after the malware took over.

(I fail to find in the list archive the post by which this idea was
proposed first. So I cannot properly attribute the merit of having
introduced it here.)

> > Of course, not doing any backups at all is equally bad.

Especially since Layer 8 (aka PEBKAC aka ID-10-T) as main threat to data
integrity has not lost any of its damage potential.

Have a nice day :)

Thomas