https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190196#M2516 <P>hi guys,</P><P>&nbsp;</P><P>we are using veeam software to backup our data to storeonce then backuped again to a MSL tape library, i wanted to know is there any chance when the production environment was attacked by ransomware , could the backup infrastructure(storeonce+ MSL) and even the data backuped on them be affected?</P><P>&nbsp;</P><P>regsrd,</P><P>Ledvan.</P> Tue, 20 Jun 2023 03:14:31 GMT ledvan 2023-06-20T03:14:31Z https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190196#M2516 <P>hi guys,</P><P>&nbsp;</P><P>we are using veeam software to backup our data to storeonce then backuped again to a MSL tape library, i wanted to know is there any chance when the production environment was attacked by ransomware , could the backup infrastructure(storeonce+ MSL) and even the data backuped on them be affected?</P><P>&nbsp;</P><P>regsrd,</P><P>Ledvan.</P> Tue, 20 Jun 2023 03:14:31 GMT https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190196#M2516 ledvan 2023-06-20T03:14:31Z https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190253#M2517 <P>I have seen Ransomware attacks, where they formatted Tapes inside the Library.</P><P>So I would advise:</P><P>- Use Veeam 12 with Catalyst and the Immutable Feature for StoreOnce</P><P>- Activate Dual Authentication on StoreOnce</P><P>- Remove Tape from Libary after Backup</P><P>- Do not use AD login for Backup Server / Veeam / StoreOnce</P><P>There is a very useful Dokument, I can recommend:</P><P><A href="https://www.hpe.com/psnow/doc/a00023056enw" target="_blank" rel="noopener">HPE Reference Configuration for Veeam Backup &amp; Replication version 12 with HPE StoreOnce and HPE StoreEver</A></P><P>Cali</P><P>&nbsp;</P> Mon, 19 Jun 2023 18:44:04 GMT https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190253#M2517 Cali 2023-06-19T18:44:04Z https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190381#M2518 <P>Hi cali,</P><P>my main concern is about Storeonce, although its isolated from network but im still wondering if ransomeware hit the network and we have used COFC, would there be any risk for the data on catalyst?its not practical to use immutable backup for us due to capacity limit</P><P>&nbsp;</P><P>regards,</P><P>&nbsp;</P> Wed, 21 Jun 2023 09:26:09 GMT https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190381#M2518 ledvan 2023-06-21T09:26:09Z https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190390#M2519 <P>Hello&nbsp;<a href="https://community.hpe.com/t5/user/viewprofilepage/user-id/2079195">@ledvan</a>,</P><P>I found a related technical paper for your reference. Hope this might give you some insight:&nbsp;<A href="https://www.hpe.com/psnow/doc/a00042003enw" target="_blank">https://www.hpe.com/psnow/doc/a00042003enw</A>&nbsp;</P><P>Thanks &amp; Regards,</P><P>Ashik N S</P> Wed, 21 Jun 2023 10:46:58 GMT https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190390#M2519 neutral 2023-06-21T10:46:58Z https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190918#M2521 <P>Hello&nbsp;<SPAN>Ledvan,</SPAN></P> <P>Let us know if you were able to resolve the issue.</P> <P>If you have no further query and you are satisfied with the answer then kindly mark the topic as Solved so that it is helpful for all community members.</P> Wed, 28 Jun 2023 13:59:32 GMT https://community.hpe.com/t5/storeonce-backup-storage/hpe-storeonce-ransomware-attacks/m-p/7190918#M2521 Sunitha_Mod 2023-06-28T13:59:32Z