greeting from newbie
last month, our neighboring company was attacked by ransomware,
it become worst because their datastore is encrypted too, they still use vmware 5.5
from investigation, they analyze that one server made network drives directly to the datastore,
that's why ransomware is able to attack and encrypted the datastore.
i want to know if it is possible to create a network drive directly?
if attack the datastore is possible, I think veeam replicated server will be useless.
Best answer by MicoolPaul
There’s been speculation of ransomware on ESXi but it appeared to be nothing more than an unsecured host that was connected to and someone executing a payload.
Replicas and Backups are different and protect from different events. But in both scenarios, good security policies are an excellent line of defence.
Going back to your original point of connecting directly to the datastore, whilst I’m speculating here it’s likely it was an NFS datastore that wasn’t sufficiently secured to be accessed by specific devices only.