From what I've read, ransomware triggers, and starts encrypting your .mdf .ldf and database backup files. (as well as others).
Now, also they say that malware can sit on your box for months or more before it triggers.
Here's the question: A person I work with says that it attaches immediately to the database, but doesn't trigger the encryption until months later, so all your backups now have this ransomware attached to it.
That sounds like hooey to me that it is attached to your backups and the backup itself is the executable that starts the encryption, etc.
Facts on this please? Thanks!
And does anyone know WHY they wait for months to trigger it?
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Most Valuable Expert award recognizes technology experts who passionately share their knowledge with the community, demonstrate the core values of this platform, and go the extra mile in all aspects of their contributions. This award is based off of nominations by EE users and experts. Multiple MVEs may be awarded each year.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.