Based on the provided article, here are some key points about VBR’s detection of online extortion attacks:

1. VBR v12.1 has a new feature called “Index Scan” that can detect online extortion attacks.

2. This feature is enabled by default, but it can be disabled for each backup job if desired.

3. When Index Scan is enabled, VBR will scan the virtual machine or physical machine’s files and index them to detect any suspicious activity.

4. The scanned data is then sent to Veeam’s Malware Detection service for analysis.

5. If a suspicious file is detected, VBR will flag it as “Suspicious” in the Inventory interface.

6. The results of the scan can be viewed in the History tab, where each event is listed with details about what was scanned and when.

7. There are two types of scans that can be performed: Inline Scan and Index Scan.

8. Inline Scan is performed during the backup process and only scans the files that are being backed up.

9. Index Scan, on the other hand, scans all files on the virtual machine or physical machine and indexes them to detect any suspicious activity.

10. The SuspiciousFiles.xml file contains a list of known malware signatures that VBR uses to identify suspicious files.

11. This file can be updated online or offline, and VBR will automatically update it if it is connected to the internet.

12. If a suspicious file is detected, VBR will display a warning message in the Inventory interface, and the affected virtual machine or physical machine will be listed in the History tab with details about the malware detection.