NAS and ransomware

godinman

godinman

godinman

Soldato
Joined
26 Feb 2007
Posts
8,573
Hi All,

My fathers computer was recently infected with some randomware, luckily it didn't spread to his second HDD so he didn't really lose anything.

I've been increasing his computer security, he no longer runs admin rights as standard and have paid avg and malwarebytes along with email scanning (this was how it got in) amoungst a few other things.

What I'd like to sort out now is backups, I want to install a NAS with raid (2 x 4TB in mirror). My worry is that if there is another infection that it will just lock the NAS too.

What method can I use to prevent this? I was thinking about getting a NAS with versioning, then a second NAS which isn't accessible from the main PC but only backs up from NAS 1. This is probably a bit expensive however, is there another solution anyone can think of?

He's been backing up old VHS tapes recently and takes lots of photos so a cloud solution would be difficult due to upload speeds, however I may use this as a second (or third) method with backup set to nighttime.

Cheers for any help, I think we got off lightly last time and will feel like a right mug if we get caught again!!
 
A simple (and fairly cheap) solution is what I'm currently running - I have an external HDD that sits next to the main PC but unplugged. Once a week, I plug it in and run SyncBackFree which is set to mirror various drives and folders onto the HDD. Once complete, I simply unplug the HDD until next week. No way any ransomware can hit the drive normally as it's not physically connected to anything, but does require a little memory and effort on the human side, albeit moving one USB plug, opening a single program and pressing a single button once the SyncBackFree profile has been set up.

I'm sure others will be able to come up with much better and more automated ways to do what you're after, but thought I'd just add my basic method. :)
 
Give your normal user read-only access to the NAS.

Run the backups to the NAS under a different user that has write access.

A good rule of thumb is give the minimum access required to data and Windows account.


Keep a backup of the NAS too, maybe an external drive once a week or similar.
 
Thanks for the advice, I think I've come up with a solution using the above.

A NAS with mirrored drives which only allows access via ftp (my backup software will backup using ftp and stores the credentials), then have a USB hdd plugged into the NAS which will then store a backup of itself every week or so, I should be able to set it to not be visible/writable from the computers.

I think that along with documents being backed up to dropbox should be a pretty good solution.
 
You must log in or register to reply here.
Back
Top Bottom