Ransomware targetting backups

Comments are off
1
Marcelo Orlandi
Ransomware targetting backups

Are you using a backup to protect yourself and your business against ransomware? If so, you’ll want to think twice and keep reading.

As you aware there have been a new wave of ransomware the last few months such as Petya, NotPetya, Wannacry, the list goes on. All of these has the particularity of encrypting all of your data, and asking for a ransom to get the decryption key.

Well, the bad guys soon found out that when their targets have a proper backup, they could easily restore all affected files and not pay any ransom money! For that reason, they came up with a new solution to get your money.

If you have a backups of your files such as an USB drive attached to your computer or server, or even a cloud drive such as Google Drive or One Drive, then the malware will also encrypt these backups. This will leave you with a backup which is also full of encrypted files.

Follow the next simple but very important recommendations to protect against Backup Encrypting malware:

  1. Replace. If you use any type of USB disk attached backup, replace it every day, disconnecting it from the server or computer. If you use only online cloud storage be aware that this technology is not exempt from ransomware.
  2. Visibility. Make sure your backup runs well. If you see an unusual increase in your incremental backup, check it to make sure you are not backing up encrypted files.
  3. Test. When was the last time you test your backup? Are you sure you can recover any file if you need it? An expensive backup solution is useless if you cannot recover any file. For that reason, try to restore files from backups periodically to avoid any nasty surprises.

In a perfect world you should know when you have malware on your system before it starts encrypting your files, but this is not always the case. Because of that make sure you have a proper backup in place.

Until next Malware Monday!

Be safe out there…