Thursday, September 3, 2015

Backup your data against Ransomware

It has caught our attention that there is a growing threat of Ransomware. So what exactly is ransomware?

You may open your computer one day with all your files encrypted. You try to run your usual file, it says "email to xxx@xxx.com" for help to decrypt your file. You are held ransom! They would ask for some payment before sending you the code to decrypt.

See below for example:

Your file name will be changed to:

Euniq Tax Invoice (Singapore).art.id-{OUXBGKMOSUXACFILNQTVYBDGJLOQUWZCEHKM-15@8@2015 7@57@24 PM3866084}-email-helpdecrypt123@gmail.com-ver-4.0.0.0

What's next? We do not know how they charge, or will they solve your problem after paying. After all, will you attempt to bargain with your kidnapper? 

As there is no single known solution to ransomware (as there a more than one type of ransomware), we shall talk about prevention. 

There is no better prevention then to have multiple backups! If your data is critical and expensive, then there is no excuse not protecting them. 

Here are some highlights to proper backup strategy:
1. Raid and redundancy is NOT a backup. As your data gets corrupted, it is corrupted!
2. Never backup the data in the same media. Means do not backup your data in same harddisk.
3. Detached your external media from your machine after backup. If you are using external harddisk or USB drive, detach them from the machine after backup. Leaving them in the machine will give you same effect as it allows virus to change your files away.
4. Use multiple media and swap them around. For example if you use USB drive, buy a few to rotate with label "Monday/Tuesday/Wed" etc. It is know fact that USB drives do fail us. We do not want to have a situation that our backup fails us when we needed them. 
5. Test restoring your files from your backup periodically. This is to ensure your backup is done properly and works in the event of emergency.

Hopefully we will never fall prey to ransomware or other new virus ever again! 

No comments:

Post a Comment