Most forms of malware hide their infections, but ransomware boldly declares itself and demands money or you’ll never see your beloved ﬁles and data again. And if you haven’t taken the right safety measures ahead of time, your choices really are either pay the money or lose your data & ﬁles.
To put it simply, ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
Your best defense is to block the malware before it can infect your computer. Use an antivirus program, keep it running whenever your PC is on, and keep it up-to-date. Don’t click links or download ﬁles from suspicious mails—even if you think you know the person who sent it. Finally, be careful about downloading and installing software.
If ransomware strikes, only a good backup can save your data, your money, and your dignity. Not every backup is good enough, though.
As the ransomware softly encrypts your ﬁles, your backup program will likely back up the ﬁles in their newly encrypted, and so useless, versions. So you need a program that does versioning—saving older versions of your ﬁles. That’s not too much of a trouble. Most backup programs have this characteristic.
But even those older versions will be worthless if the ransomware succeeds in encrypting all the ﬁles on your backup drive. That’s one reason why we propose keeping the external backup drive connected to the PC as little as possible. Once a day, plug it in, run your backup program of choice, and safely remove it.
If you back up in the background to a NAS, back up the NAS frequently.
Cloud-based backup is always on, but the ﬁles upload slowly. While that pace can be annoying, it adds an extra level of defense: It could be days, or even weeks, before all of the encrypted ﬁles get into the cloud.
Carbonite’s Norman Guadagno told TechLinu that the cloud-based backup service “has been getting 500 calls a month” from customers hit by ransomware. “We help them recognize a clean backup image and help them to wipe and reinstall.” I assume that Carbonite’s competitors do the same.
Not that this is perfect. Your most recent work will likely be lost. Will the ransomware authors ﬁnd way to destroy cloud-based backups? Guadagno admitted, “I worry about that all the time.”
For the time being, cloud-based backups—and local ones where the backup drive is typically not plugged in—are safe. Hopefully it will stay that way.