Each night I connect from my 2016 Server to a Synology NAS via New-PSDrive to copy nightly backup from the Server to the Synology and this has worked with any issues until a few days ago.
I won’t go into the details of all the things that went wrong in a single day to allow this to happen, but some malware got onto the server and was beginning to encrypt the files. It just so happened by backup script ran, mapped the drive to the Synology and then those files were being encrypted.
In my limited understanding of how these things work, I’m guessing since my backup script mapped the drive, the malware just saw it as another folder and began doing it thing.
In my research I can across an article that says I can use Net Use command to use the UNC Path without having to assign a drive letter. The command I run inside PowerShell is net use \126.96.36.199\homes[folder] /user:[user] [password]
Once I run the above code I can access the Synology folder to copy my files. Before it was Z:\Backups and now it’s \188.8.131.52\homes\Backups. This works for me and I can update my script to use the UNC were needed. After I ran the net use command I checked explorer and didn’t see any signs of a new drive or folder (on the Synology).
So my question is would this change protect the files on the Synology if this were to happen again down the road? Does anyone know of any Consultants in the Raleigh, NC area?