Results 1 to 3 of 3
  1. #1
    New Lounger
    Join Date
    Apr 2013
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Ransomware or Cryptoware and cloud backup vulnerabiliy?

    The suggested protection against ransomware is frequent backups. With local backups the external device used can be disconnected except when actively backing-up to reduce exposure. But cloud based backup services such as Crashplan, Nortonbackup, Carbonnite, etc perform automatic backup in the background. Won't the files in those services be encrypted by the Ransomware by backing up the newly encrypted files? Can ransomware reach out to backup site just as it reaches out to network drives?

    What about pseudo backups stored in a syncing service such as OneDrive or Sugarsync? Are these cloud files going to be encrypted upon syncing from the infected PC? If so, these services seem to increase exposure to Ransomware since the encrypting could spread from any one of many PCs to all the other synching PCs.

    Is it necessary to turn off automatic backup and syncing to protect data?

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,164
    Thanks
    47
    Thanked 977 Times in 907 Posts
    The backup will be encrypted after the malware is installed, files before then will be OK. As long as your backup / sync service holds multiple copies of files you will be able to recover non-encrypted versions - this assumes you have removed the malware first.

    Automatic backup is the same as manual backup. The requirement is multiple copies.

    cheers, Paul

  3. #3
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    some new versions do not strike until after a long time to be sure they infected all your backups too

    better be sure to practice safe surfing and have every antiscumware package possible running


    Quote Originally Posted by Quatermas View Post
    The suggested protection against ransomware is frequent backups. With local backups the external device used can be disconnected except when actively backing-up to reduce exposure. But cloud based backup services such as Crashplan, Nortonbackup, Carbonnite, etc perform automatic backup in the background. Won't the files in those services be encrypted by the Ransomware by backing up the newly encrypted files? Can ransomware reach out to backup site just as it reaches out to network drives?

    What about pseudo backups stored in a syncing service such as OneDrive or Sugarsync? Are these cloud files going to be encrypted upon syncing from the infected PC? If so, these services seem to increase exposure to Ransomware since the encrypting could spread from any one of many PCs to all the other synching PCs.

    Is it necessary to turn off automatic backup and syncing to protect data?

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •