>My concern is also that my application is using SQL Server database and that SQL database gets infected by this virus too.
You get some protection by having your data in a SQL Server database. Since SQL Server holds its database files open, other user processes (such as cryptolockers) can't get access to them. Those would basically get "accessed denied" errors.
OTOH SQL Server data tends to be high-value. Sophisticated malware might:
- try to guess weak/default SQL Server passwords (e.g. "sa" password)
- try to stop the SQL Server service. Once stopped its files can be opened and encrypted. Of course this takes the server down which can be obvious, so a stealth encrypter probably wouldn't do that by default
- if the malware roots the machine and loads a file system driver, it could hook between user processes (and/or services) and the file system so all file I/O passes through it and is under its control
Regards. Al
"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov
Neither a despot, nor a doormat, be
Every app wants to be a database app when it grows up