Here I am talking about backup encryption, which is performed by Veeam. Not by a hacker. It is a good idea to enable this feature.
Why to monitor this? A attacker could enable backup encryption or change existing encryption key without being noticed. If so, backup jobs continue to run without any problem. But you are not able to use them for restore because you simple cannot decrypt them!
For monitoring encryption password changes reports Backup Objects Change Tracking and Backup Infrastructure Audit can be used. With this reports you see when encryption password was created or modified.
To control if somebody selected another encryption password from the list, use the report Job Configuration Change Tracking.
For more information see my full feature blog post here:
https://vnote42.net/2022/02/09/monitor-hardened-repository-with-veeam-one-v11a/
