We have seen a number of CryptoWall infections over the last couple of months. In one case, we had to pay the ransom. My question relates to the potential encryption of backups. We have a number of clients running Windows Server Backup on Server 2008 or 2012. We back up to an external drive on the server. Does CryptoWall affect the Windows Server backup file when the server has been infected? I know that the latest variation deletes Shadow Copies, but cannot find a reference to the Windows Backup file. Most of our clients use ShadowProtect and we send their backups offsite. I feel pretty safe with those clients. However, some clients use the built-in Windows Server backup and do not send offsite.