- #How to make backups safe from crypto locker how to
- #How to make backups safe from crypto locker software
- #How to make backups safe from crypto locker Offline
In order to do that, however, it needs to be able to maintain a sufficient number of recovery points, and it needs to be able to protect the existing storage blocks from being modified.
#How to make backups safe from crypto locker software
In theory, your backup software should be able to restore the data to its state just before the infection happened. The problem with this is that ransomware changes lots of storage blocks, and your backup system will actually end up backing up the now-encrypted files. Most disk-based backup systems protect data at the block level and use changed block tracking to protect files as they are modified. These backups should be kept in a safe place and only brought online in a dire emergency.Īnother best practice is to use immutable backup storage if at all possible. In my own organization, I use external hard drives for this purpose. As such, I strongly recommend regularly creating secondary backup copies to tape or to some other form of removable media. Ransomware cannot touch a backup that is disconnected from the system.
#How to make backups safe from crypto locker Offline
Having an offline backup copy acts as a stopgap. At that point, it's game over: Both the primary data and the backups have been compromised and there may not be another way to recover from the attack. Even though your end users probably aren't backup administrators, there are indirect methods through which backups can become infected. When a ransomware attack occurs, the ransomware could potentially attack anything that the user who accidentally triggered the attack has access to. However, there are a number of best practices that you can use to improve your odds of recovering your data after an attack.įirst, maintain a secondary offline backup copy. Once again, there is no single decisive thing you can do to ensure that your backups will protect you against a ransomware attack. This, however, raises the question of how best to incorporate ransomware mitigation into an organization's backup strategy. Some of the defense mechanisms that you might consider include end user education (such as explaining to users why they shouldn't open suspicious e-mail attachments), application whitelisting, restrictive user permissions and aggressive malware scanning.Īs important as these defense-in-depth techniques might be, backups are ultimately the only thing that can save an organization's data after a ransomware attack has already occurred. As such, it is important to practice defense-in-depth. Unfortunately, there is no magical silver bullet that can prevent all ransomware attacks.
After all, it's better to prevent a ransomware infection from happening in the first place than to have to restore your backups in response to an infection that has already occurred. At the same time, backups should be regarded as the last line of defense - not the first. The advice I always give is that your backups are your most important defense against ransomware.
#How to make backups safe from crypto locker how to
It also shows, however, that many people are unsure of how to protect themselves against ransomware. What I find interesting about this is that it shows that there is widespread awareness of ransomware, and that IT pros and laypersons alike find it to be a credible threat. At the same time, I often have friends and family (who are not involved in IT) ask me how they can protect themselves against that same enemy. One of the things I've always found interesting about working in tech is that, sometimes, enterprise IT and home users really aren't all that different from one another.įor example, I regularly have IT pros ask me how they can best protect their organizations against ransomware.
0 kommentar(er)
