It seems only a matter of time before a business will be subject to a ransomeware attack. The dreaded malware will target an entity with access to important data that can be monetized, invade and encrypt files to then demand a pretty penny for their safe return. A study conducted by security software giant, McAfee Labs reported that they had identified more than 4 million samples of ransomware in Q2 of 2015 alone, including 1.2 million new samples. Users should get used to the idea of being on the defense against these new and evolving versions of ransomeware. There is hope, however, and understanding how protect our data from attacks, is step one. Cloud backup innovators, CloudBerry Lab address the problem with this recent blog that discusses ransomware’s relationship with the cloud, and what you can do to protect your business against an attack.
“How can I protect the data from ransomware-related encryption?”
It’s a common present-day’s question, since Ransomware became a widely spread virus family that blocks access to your files in exchange for a ransom. Today we are going to reveal a backup-related solution to protect your data from cryptolocking and ransomware.
What Is Ransomware and How It Affects the Cloud
Simply speaking, it is malware that makes your data unusable till you give it some money. It often uses encryption techniques to block an access to the user information that can be unencrypted, if you are lucky enough. As a power user, you probably use antivirus software that can help with ransomware removal, but what will you do if it won’t? The better and more reliable way is to avoid this kind of situation.
We keep on repeating that backup is absolutely necessary for all users or companies. So it is just another example – with a backup you could easily recover corrupted file from a backup. But there are some pitfalls with using cloud storage. If you use something like Google Drive or Amazon Cloud Drive, your data transfers to the cloud automatically. This is the weakest point in case of Ransomware protection.
Cloud Sync vs Cloud Backup
Typical cloud solutions for small business (SMB) or home user offer a few ways of data transferring:
- Data backup. From a low-level prospect, it is just raw data copying triggered by some regular event (user’s initiative or a time trigger). It could be either manual or automatic using separate scheduler process. All backup services work this way.
- Synchronization. In case of synchronization the data transferring depends on the source object state (whether it is changed or not). The separate process will watch for your local files changes and transfer them into the cloud, and vice versa.
Software like Google Drive and Amazon Cloud Drive (and Dropbox, OneDrive and so on) uses synchronization that keeps user data always up to date in the cloud. The weak point is that EVERY change will be synced, even unwanted.
On the other hand, the backup process sends updated data on a regular basis while keeping the file version history. So even if you get infected data backed up, you will be able to recover it using older backups. The key difference between sync and backup processes is in a version history availability. For most sync solutions you won’t find one, while it is basic for backup products.
Let’s imagine that your PC got infected with Ransomware. Looks like nothing happens, but your files are getting encrypted in the background. When the virus shows its face with “give me some money” screen, it will be too late: all changes were immediately transferred to the cloud by your favorite Drive app.
So now you have to find the way to get the data back, except for the cases when your cloud sync service keeps file history with multiple versions. To be honest, not many services offer this feature for a reasonable price.
What Should You Do With Ransomware
For better understanding, let’s check a typical backup scenario that can avoid data blocking. As example software we use CloudBerry Backup Desktop.
Imagine a small company with a dozen of users storing the data mainly on their laptops. To protect them from a data corruption, we should do the following:
- Use CloudBerry Backup Desktop on all important PCs.
- Setup the backup software to do daily backups with transferring to the cloud storage. It is better to do a backup as often as possible, but you should always keep in mind performance and price impacts.
- Set the CloudBerry clients to store at least 7 file versions in the cloud. Of course you can decrease\increase this number, but remember that the user could not find out the corruption in the same day.
Let’s summarize the above mentioned ideas to a simple “best practice”:Now we have an everyday “snapshot” of the company data in the cloud and users can restore the necessary files in any case. Even if their computers got infected with Ransomware.
- Always do a separate data backup even if your files are synced to the cloud automatically.
- Enable file version history in your cloud storage. It could be an additional barrier against data loss. If your cloud drive service doesn’t offer one – use a backup tool with data versioning.
- Do at least one backup daily and store a few backup versions to handle with any kind of corruption.
- Store backups on external drive — it will help in case of PC-related issues. The best option is to keep backups in the cloud storage, which has a great reliability and is accessible anywhere.
The Ransomware is like a typical hardware issue — you immediately lose access to the crucial data. So the ways of avoiding it are the same. If you do regular backups with multiple versions and use cloud storage services, you will always be able to get the data back.