Protecting Backups from Ransomware

In this post, we’ll talk about ransomware and protecting yourself from getting infected by ransomware, moving to that zero tolerance. For many, despite using an antivirus, the most significant protection against ransomware is backups.

Why Backup?

Having a good backup and archive strategy as well as a recovery strategy is crucial nowadays. However, when you’re at home, you may think that if you have an external hard drive attached to your computer or to your router, or somewhere on a network device, that would protect you from ransomware. 

Unfortunately, that may not be the case, depending on how your network is set up. More than likely, it’s one single authentication. Everything is open within your own system, and ransomware is now very sophisticated.

It’s designed to look out beyond the PC and spread around as much as possible. It will probably find that drive, which is your backup, encrypt it, and make your backups completely worthless.

And you put yourself back in the same boat. 

So here are some tips and suggestions on your backups. They’re applicable for your home, for your small business, or even for large companies. If you have this type of mentality, it’s really applicable everywhere.

The Best Ways To Protect Your Backups

So the first one is to isolate your backups. It’s effortless to go out and buy a hard drive and plug it into your PC. And away you go, you map the drive, and it’s just like an extension, and you back up all your files to that particular location. And that’s fine.

However, the risk with that is that if you get a piece of malware that takes over or is able to use your account, and most likely you’re logged in with administrator privileges, they have direct access to that backup location because it’s directly tied to that machine.

So there are a couple of ways to isolate it. Don’t plug the drive into your PC; attach it to your router, if your router has the ability to share drives, but make sure you’re not exposing it to the internet.

Be careful and know what you’re doing. Alternatively, plug it into another backup PC that you can access from the network, or change the NTFS permissions on the drive itself.

The reason is so that you do backups with a different account than the one you normally use, and isolate the data.

That way, if your primary PC account is compromised, it can’t move laterally into that drive very quickly. And really, the whole idea is creating security barriers. They may seem inconvenient for you, but the more barriers there are, the more layers of security and defense you have, and that will make it more difficult for scripts or malware actors to get through those barriers as well.

Archive Strategy

And on the same point of digital isolation, you should also have physical isolation. So if you have a backup hard drive, external hard drive, USB sticks, whatever you use, buy a second one.

The explanation for that one is that you should have a secondary backup that you keep at multiple physical locations. Keeping them away from your main processing center, whether it’s your data center or your house, is a good practice.

Now, this would become more of an archive strategy rather than a backup. Backups you can run daily or weekly; they’re a little bit fresher. Your physical, offline, or offsite storage is more of an archive.

Finding A Secure Place

There are backups containing files that are completely irreplaceable: the lifetime photos, the financial data, the creations, the music, the art, the documents, the college term papers, the blog posts.

Those aren’t backed up very often, but they’re kept at a different physical location. And that is to protect the data from any major disaster that may happen at your home. 

For example, if it’s burglarized, if you have a natural disaster, if you have a fire, if you have a flood, anything that would render the electronics at that location either wholly unusable or disappear altogether, you want to have data that you can recover from elsewhere. 

If you’ve got a safety deposit box at a bank, put the physical drive in there.

Test Your Drive

And lastly, test, test, test. Don’t trust the technology because, over time, it will fail you. Most likely, your recovery from backups is going to come from some hardware failure. A motherboard goes down, or a hard drive gets corrupted for whatever reason.

And it can happen at any time, to new or old devices. Imagine you have just bought a brand new laptop. A few months in, the solid-state drive goes sideways and gets majorly corrupted. It will be such an annoyance to recover.

That’s the whole point, though: test your backups and recover from your archives. Test the hardware that you’re backing up to. USB drives fail; hard drives, power supplies, anything can trip up and corrupt your data.

So you want to go and check those things on a regular basis. Make sure that not only can you copy to the drive, but you can also pull the data off, and the data’s actually still intact. Go out and pull those drives from your family members, plug them in, and then replace the hardware now and then.

Over time, the stuff wears down. The more backups that you have, the better. But you need to be able to test, test, test, recover.

Management system

Don’t assume you know where they are; see how you get access to them. If you are encrypting your backups, make sure you have a darn good key management system. Store the keys in a password vault or in some other secure location.

That way you don’t lose them, because if you lose those, you’re not getting your data back anyway, whether the technology works or not. In the encryption space, that’s the dark side.

Data encryption

Just be very careful when you’re using encryption. Make sure you’re able to decrypt as well as recover the files. So those are some things that you need to do for backups: don’t plug and play, copy and forget, leave it alone, and assume that it’s going to be there for you when you need it.

Because it’s not going to be. It might be six months from now, but most likely it’s going to be years from now that something’s going to come up.

That PC finally dies. You lose this, you lose that. And then you’re going to plug it in, and it’s not going to work, and you realize, “Oh, this is the only copy that I have.” Don’t get into that situation. I’ve been there.

Bottom Line

When it comes to digital backups, storage is really, really, really cheap now. Have multiple copies, keep them in various locations, and isolate your data on the network. You’ll be fine and be able to get to that zero tolerance: if you do get infected, if you do get ransomware, blow it away, rebuild the PC, pull your data back, and you’re good to go, rather than getting into a situation where you can’t do that. Security and five, be aware, be safe.
