<div>
Another thing I forgot to mention, servers themselves shouldn't not get infected (unless you are talking terminal servers), as people would need to be directly working on the server itself to get the virus installed on it. So only the users' workstation would be running the virus. As the normal PC's shouldn't have access to the backup files, they can't easily get changed by any malware.
</div>


Another thing I forgot to mention, servers themselves shouldn't not get infected (unless you are talking terminal servers), as people would need to be directly working on the server itself to get the virus installed on it. So only the users' workstation would be running the virus. As the normal PC's shouldn't have access to the backup files, they can't easily get changed by any malware.

<div>
<div class="content wysiwyg-content">
We have seen a number of CryptoWall infections over the last couple of months. &nbsp;In one case, we had to pay the ransom. &nbsp;My question relates to the potential encryption of backups. &nbsp;We have a number of clients running Windows Server Backup on Server 2008 or 2012. &nbsp;We back up to an external drive on the server. &nbsp;Does CryptoWall affect the Windows Server backup file when the server has been infected? &nbsp;I know that the latest variation deletes Shadow Copies, but cannot find a reference to the Windows Backup file. &nbsp;Most of our clients use ShadowProtect and we send their backups offsite. &nbsp;I feel pretty safe with those clients. &nbsp;However, some clients use the built-in Windows Server backup and do not send offsite.
</div>
</div>


We have seen a number of CryptoWall infections over the last couple of months.  In one case, we had to pay the ransom.  My question relates to the potential encryption of backups.  We have a number of clients running Windows Server Backup on Server 2008 or 2012.  We back up to an external drive on the server.  Does CryptoWall affect the Windows Server backup file when the server has been infected?  I know that the latest variation deletes Shadow Copies, but cannot find a reference to the Windows Backup file.  Most of our clients use ShadowProtect and we send their backups offsite.  I feel pretty safe with those clients.  However, some clients use the built-in Windows Server backup and do not send offsite.

Cryptowall and Windows Server Backup

The term "Backup" means the methods and processes involved to copy computer data (system data as well as application data) to media other than the ones where the data originally live (disk, tape, optical, cloud). "Restore" in turn means the methods and processes involved in data recovery, i. e., bringing back copied computer data to their original location. Backup/Restore primarily serves as a means of protection against data loss, be it due to disaster, corruption or sabotage. It can also be used for recovering data from an earlier point in time and even for cloning machines or applications. There is a wide variety of backup/restore software available, from expensive commercial products to free or open source tools.

Storage Software

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Windows Server 2012

Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.