Beemo undetectable to ransomware

Backup :

As you probably know, one of the main arguments for Beemo backup is that the boxes are undetectable by ransomware.

In practical terms, how does it work ?

With a Beemo backup :

– the workstations are backed up using an agent that communicates with the box via a proprietary protocol including strong authentication
– the protocol used only allows data blocks to be sent to the box, it does not allow access to the storage space to modify the blocks there
– users of the machines to be backed up have no access and no rights to the backup storage space

This makes it impossible for a ransomware to directly affect the backups.
If the customer has subscribed to the “NAS” option on the Beemo, the file server part uses a standard protocol (SMB/CIFS) that can be exploited by ransomware. In any case, if a client uses this option, the NAS part must be backed up via a dedicated backup set which cannot be encrypted.

There are two scenarios if a backup is launched following the infection :

– if the ransomware renames the encrypted files, Beemo will save all new encrypted files and consider the original files deleted. This can cause data loss if the retention setting used is insufficient.
– if the ransomware does not change the name of the encrypted files, the Beemo will save a new version of all encrypted files. This can cause data loss if the versioning setting is insufficient.

In any case, the Beemo will store encrypted data that is of no use and may fill the available backup space and impact other backup sets.

Our recommendations for minimising the impact of ransomware :

– use file versioning of at least 15 days (ideally 30 days).
– use a minimum 15-day (ideally 30-day) retention of deleted files.
– always back up the data on the Beemo NAS.
– immediately disable all backup sets following a ransomware attack.

To date, hundreds of ransomwares have attacked networks with a Beemo. In each case, the saved data remained protected by the Beemo system.
Ransomware cannot modify files previously saved by a Beemo.

The data that passes through our cloud is encrypted by the Beemo box before being sent encrypted and stored encrypted.

Articles sur le même thème

Plus d'articles

Une question ? Un projet ?

N’hésitez pas à nous contacter !

0800 711 500

Contactez-nous