FAQ: New Malware Detection capability in Barracuda Cloud-to-Cloud Backup

At a recent Barracuda webinar (now available on demand), a panel of our top data-protection experts presented the newest capabilities and features that have been added to, or made available for, our core data protection solutions, Barracuda Backup, and Barracuda Cloud-to-Cloud Backup.

One of those new capabilities is Malware Detection for Barracuda Cloud-to-Cloud Backup. I described what it does in some detail in this blog post from December announcing that it was live.

But following last week’s webinar, a number of questions were posted by attendees. And so we thought it would be a good idea to create a FAQ-style blog post to address all those questions. And here it is!

What is Malware Detection for Cloud-to-Cloud Backup?

It’s really pretty simple. Any time you restore data from Cloud-to-Cloud Backup—whether it’s a single file, email, your entire Microsoft 365 data store, or anything in between—that data gets scanned using Barracuda’s powerful Advanced Threat Protection malware detection.  

If it detects any malware or other types of malicious files in the data that’s being restored, that file is quarantined and admins get a notification about the issue. 

How would malware get into my backup in the first place?

In a perfect world, no malware would ever get into your backup because it would be detected and blocked before it ever reached your inboxes or other Microsoft 365 data stores. 

But in this non-perfect world, cybercriminals are forever developing innovative new forms of malware. Of course, Barracuda and other security vendors are constantly responding to this by gathering the latest threat data and incorporating it into our detection systems, such as those built into Barracuda Email Protection. 

But there is sometimes a lag—a period of time between when the item was backed up and when the malware is identified as malware. If an item comes in November, for example, it’s possible that the item will scan clean because it is a yet undiscovered form of malware and will be backed up. But months later in, say, February, when you go to restore data, you want to prevent that now-known form of malware from being restored to production systems. That’s what Barracuda’s Cloud-to-Cloud Backup malware detection does. 

Why don’t you scan the data while it’s being backed up?

This really comes down to efficient allocation of resources. In principle, we could scan your data during backup as well as during the restore process. But that would be a waste of resources. First of all, if malware can go undetected in an email or attachment, it’s extremely unlikely that it would be detected when it’s getting backed up—which happens shortly after its arrival in your systems. 

Fortunately, that really isn’t a problem. Your backup files are encrypted and totally inert while at rest—it’s unlikely that malware in your backup will be activated or do any damage. 

But when you restore files from backup, it’s likely days, weeks, or months since it was backed up. In that time, our detection systems have almost certainly gained the ability to spot that malware. So, scanning the data just before it’s restored offers the best opportunity to detect and block malware that previously went undetected.

How can I tell if Malware Detection is working?

The only indication you will have that Malware Detection is working will be if (when) it detects malware during a restore operation and sends you an alert. But don’t worry! It’s working. The capability is fully integrated into Barracuda Cloud-to-Cloud Backup. If you don’t get any notifications, it just means that no malware was detected during the restore process.

What do I have to do to enable Malware Detection?

Nothing. It’s fully active and enabled for all Cloud-to-Cloud Backup subscribers. There’s nothing you need to do, and there’s no extra cost. It’s just a new security feature that everyone gets.

Got more questions?

I hope the above has answered any questions you may still have about Malware Detection for Barracuda Cloud-to-Cloud Backup. But if you still need more answers, please don’t hesitate to call Barracuda. Remember, whenever you call, an actual human being will pick up—no phone trees at Barracuda, so you won’t waste any time listening to a robot and pressing keys on your keypad. 

And if you still don’t have a subscription to Barracuda Cloud-to-Cloud Backup, now’s a great time to get a free trial and see for yourself how simple and reliable it is.