[Info-vax] OpenVMS x64 Atom project
Arne Vajhøj
arne at vajhoej.dk
Sat Jun 5 19:55:19 EDT 2021
On 6/5/2021 7:28 AM, Phillip Helbig (undress to reply) wrote:
> In article <mn.2aa97e56e8d0753c.104627 at invalid.skynet.be>, Marc Van Dyck
> <marc.gr.vandyck at invalid.skynet.be> writes:
>>> One of the ransom cases I've cleaned up after some years ago had the
>>> perpetrator silently corrupt multiple backups over time, deeper than the
>>> organization's backup rotation schedule. The perpetrator then ransomed the
>>> only remaining good copy of the organization's databases. In recent ransom
>>> attacks on other platforms, the attackers have been active in the target
>>> organization's networks for weeks and months, too.
>>>
>> I suppose that people in this organization never tried restores ? Doing
>> regular restores to ensure the integrity of your backups is one of the
>> major recommendations, isn't it ?
>
> Yes, there is little point in doing a backup if you don't test the
> restore. But imagine, say, a database of several hundred terabytes.
> Even if you can restore it, you can't necessarily tell if the data are
> somehow corrupt. Yes, checksums and so on will catch some things, but
> not all.
Traditional BACKUP only works good on a system with no activity.
BACKUP/IGNORE=INTERLOCK does not solve the problem.
To get a consistent backup of a large database, without significant
downtime, then one need a snapshot capability where updates after
time T does not change what is being backed up.
I believe modern storage systems can do that easily. Even though
I do not know much about the details - last time I was responsible
for backups then DAT tapes was cool.
Arne
More information about the Info-vax
mailing list