Ransomware - Backups

What is the best method of backing up files to protect against ransomware attacks?

A friend of mine owns a small business, and it sounds like they just had a very close escape and their virus protection has prevented files from being encrypted, but the PC is showing some signs of infection.

I've suggested they invest in some form of backup; however, they are not very computer literate, so they need something really simple.

I've looked into an external hard-drive, but as far as I can tell, this will offer little or no protection from ransomware if it remains attached to the PC.

Is this correct?
 
Yes. You could rotate between two, always keeping one offline.

Another idea is having some form of backup that uses versioning, perhaps an online service or something on a NAS. That way if the file changes (i.e. becomes encrypted) then you can still access the old version (i.e. the unencrypted one).
 
I have considered versioned backups.

Are there external drives available that would periodically back up data to a read-only portion of the drive?
 
I haven't heard of anything like that.

What I've done in the past is use a PC/Server as a NAS. Users write to the shared drive, which backup software on the PC/Server can access and copy over to a non-shared drive.

The non-shared drive is safe from encryption etc. The only critical thing is how it's copied to the non-shared drive. If it's just done every 24 hours, then by the time you've realised you've been hit, your backup software has probably copied over the encrypted versions.

So ideally you'd still have some form of versioning involved.
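An added sketch of the arrangement described in the post above (not part of the thread and not any product's own code): a pull-style job, run on the backup machine, that copies the shared folder into numbered snapshots on the non-shared drive and stops pruning old snapshots when most files changed at once. The names `manifest`, `snapshot`, `keep` and the 50% `max_changed` threshold are assumptions chosen for illustration.

```python
import hashlib, shutil, tempfile, time
from pathlib import Path

def manifest(root):
    """Map each file's relative path to the SHA-256 of its content."""
    root = Path(root)
    # read_bytes() loads whole files; fine for a few GB of office documents.
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def snapshot(share, vault, keep=14, max_changed=0.5):
    """Copy `share` into a new numbered folder under `vault`.

    Returns (snapshot_path, alarm). alarm is True when more than `max_changed`
    of the files in the previous snapshot are now different or gone, which is
    what mass encryption (with or without renaming) looks like. Old snapshots
    are only pruned when there is no alarm, so a bad run never pushes out the
    last good copies.
    """
    vault = Path(vault)
    vault.mkdir(parents=True, exist_ok=True)
    previous = sorted(d for d in vault.iterdir() if d.is_dir())
    alarm, seq = False, 1
    if previous:
        old, new = manifest(previous[-1]), manifest(share)
        changed = sum(1 for name, digest in old.items() if new.get(name) != digest)
        alarm = bool(old) and changed / len(old) > max_changed
        seq = int(previous[-1].name.split("-")[0]) + 1
    dest = vault / f"{seq:06d}-{time.strftime('%Y%m%d-%H%M%S')}"
    shutil.copytree(share, dest)
    if not alarm:
        for stale in (previous + [dest])[:-keep]:
            shutil.rmtree(stale)
    return dest, alarm

if __name__ == "__main__":
    # Constructed sample data: three small files, then all overwritten at once.
    with tempfile.TemporaryDirectory() as tmp:
        share, vault = Path(tmp, "share"), Path(tmp, "vault")
        share.mkdir()
        for i in range(3):
            (share / f"invoice{i}.txt").write_text(f"invoice {i}")
        print(snapshot(share, vault))
        for f in share.iterdir():
            f.write_bytes(b"\x8f\x02scrambled" + f.name.encode())
        print(snapshot(share, vault))   # alarm is True, first snapshot kept
```

The vault folder must not be shared or mapped on the users' PCs, otherwise it is exposed in the same way as an attached external drive.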
 
Offsite online backup and external HDD x2 rotated through the week being taken offsite in an evening.
 
How much data are we talking?

As a quick & easy option, I'd suggest Dropbox (which supports versioning) and copying to an external HDD every day/once a week depending on how much data.
 
It's around 6GB of data.

I've been investigating the Western Digital Passport HDD series. They come with a backup suite called Smartware.

It seems to tick all the boxes in terms of ease of use, versioned backups etc. It also has Dropbox integration to provide secondary offsite backup which is a nice feature.

However, one thing I'm struggling to find out is if the versioned backups made by Smartware are write-protected.

Does anyone have any experience with these devices?
 
I would recommend something like Crashplan.

The free version will back up (with full versioning) to internal or external drives (which would still be at risk of being encrypted by ransomware), however it can also back up to other PCs which are also running Crashplan (either on the same network, or over the internet e.g. friends/relatives) via its own protocols (so should be safe from ransomware).

Of course, they also have a cloud backup option as well (which is pretty reasonable) which may also be sensible - especially for a small business.
 