Sadly, several months ago my wife's computer fell victim to ransomware and we were forced to pay the extortion to retrieve her priceless photos (almost $500). So, I bought Syncovery.
I backup to a FreeBSD server using SFTP, which Windows can't get to so I'm not worried about any ransomware getting to the server and encrypting files. But what I am worried about is backing up files that have already been encrypted by ransomware, thereby overwriting the original unencrypted files. I can use versioning, but if the ransonware goes undetected for several days then even multiple versions will all be encrypted.
Any ideas on a strategy to protect against a scenario like this?
Ransonware Strategy
Moderator: SuperFlexible Administrators
4 posts • Page 1 of 1
Ransonware Strategy
by k9bm on Sun Oct 11, 2015 2:39 pm
- k9bm
- Posts: 2
- Joined: Sun Oct 11, 2015 2:09 pm
Re: Ransonware Strategy
by Spiral on Thu Dec 03, 2015 8:44 pm
I was looking for a similar solution, and may have an idea. There is a few option in the Special Safety tab, which will warn if more the X number of files are Deleted.
Wouldn't an option, for example, to warn if more the X number of files are Modified, help to identify if all the file have just been encrypted? Then you could get an email, with the warning alerting you to a possible issue.
Wouldn't an option, for example, to warn if more the X number of files are Modified, help to identify if all the file have just been encrypted? Then you could get an email, with the warning alerting you to a possible issue.
- Spiral
- Posts: 1
- Joined: Thu Dec 03, 2015 8:16 pm
Re: Ransonware Strategy
by k9bm on Thu Dec 03, 2015 9:00 pm
I don't see that option in the Special tab, but yes that seems like a good area to explore.
RIght now I'm pretty disappointed with Syncovery support. I thought they had been monitoring this forum to help paying users, but my post has been here for almost 2 months and you are the first reply. You probably also noticed the string of HTML errors on the page also, clearly no one at Syncovery bothers to even look at this forum....
RIght now I'm pretty disappointed with Syncovery support. I thought they had been monitoring this forum to help paying users, but my post has been here for almost 2 months and you are the first reply. You probably also noticed the string of HTML errors on the page also, clearly no one at Syncovery bothers to even look at this forum....
- k9bm
- Posts: 2
- Joined: Sun Oct 11, 2015 2:09 pm
Re: Ransonware Strategy
by superflexible on Sun Dec 06, 2015 9:01 am
Hello,
I'm back to the forum. Please accept my apologies for the long absence. I have been extremely busy working on the software and providing support via our support email address, support@syncovery.com.
The only solution to the problem I see is keeping enough older versions for each file so that you can go back as far as necessary. The Restore Wizard will allow you to specify a date in the past to which you want to go back. Maybe you can choose to keep 100 or more versions for each file.
In addition, if the Ransomware modifies your files, and you see that Syncovery starts re-uploading all your data, that will help you notice that there is a problem quickly. Just monitor Syncovery's activities on a daily basis.
I'm back to the forum. Please accept my apologies for the long absence. I have been extremely busy working on the software and providing support via our support email address, support@syncovery.com.
The only solution to the problem I see is keeping enough older versions for each file so that you can go back as far as necessary. The Restore Wizard will allow you to specify a date in the past to which you want to go back. Maybe you can choose to keep 100 or more versions for each file.
In addition, if the Ransomware modifies your files, and you see that Syncovery starts re-uploading all your data, that will help you notice that there is a problem quickly. Just monitor Syncovery's activities on a daily basis.
-
superflexible - Site Admin
- Posts: 2478
- Joined: Thu Dec 31, 2009 3:08 pm
4 posts • Page 1 of 1
Return to Windows Support * new forum: www.syncovery.com/forum