This article is more than 1 year old
Enterprise backup bods treat kit for ransomware code lurk
Hoping to purge it of backup attack loops
Backup software crew Asigra has put out a new version of its product which disinfects scanned backup files for ransomware to prevent restoration reloading code that screws with your data.
V14 of Asigra's backup product, called Cloud Backup Evolved (CBE), has added ransomware scanning to its backup and restore stream processes. Ransomware coders realised backed up data could be used to nullify a ransomware attack. So they started finding and deleting backups as part of their code assault on a victim business.
CBE v14 varies the name of its backup files to defeat recognition and also requires 2-factor authentication to delete a backup file.
The clever ransomware coders added a feature, Asigra’s EVP Eran Farajun says, that lets their software lurk in a victim’s system for a period and get added to backups, meaning the backups are infected with ransomware. Then the virus detonates, encrypts the victim’s data and says pay up to get it back.
If the victim refuses to pay, disinfects their system, and then restores presumed clean data from the backup then ransomware is restored as well, re-detonates and holds the victim for ransom afresh.
The longer the ransomware code’s lurk period, the more backup copies are infected, so going back to an earlier backup in the hunt fir clean data can still reload the virus and the business suffers recurrent attack loops.
CBE 14 scans for ransomware when both backing up and restoring files to prevent this.
It has also added GDPR features, such as the right to be forgotten, and days file-based backups are more practical to use when scanning fir right-to-be-forgotten data requests, than image-based backups. Asigra offers both styles of backs and suggests using image backups for shorter term attention and file-based ones for longer-term retention.
It has added support for containers and Office 365 groups. Support for O365 Teams and Archives is coming soon.
The CBE 14 software can provide recoveries of data for use cases such as DevOps, test and dev, search, and analytics; meeting the secondary data convergence and management features of competitors such as Actifio, Cohesity and Rubrik.
This software release also has a new Asigra Management Console (AMC), using Google Material Design concepts, to simplify and automate data management across multi-platform operating environments. ®