You’ve been hearing about Ransomware attacks (they are  attacks that target your files and encrypt them and make you pay money to hidden organizations to get your files back – at first they targeted regular consumers like you and me and now they are targeting more and more businesses.)

How can you protect yourself against Ransomware Attacks? UPDATE:

SIDENOTE: protect is the wrong word, as you might still get attacked. However using the techniques below you will be able to recover from a hack without paying the ransom & without much effort. The line should instead say:

How to recover from a ransom ware attack?

  • Backups
    • Have a local backup
    • Offsite back
    • Not enough can be said about having backups. They are not just good for Ransomware attacks. They are good for all sorts of data and intellectual property protection.
  • Snapshots
    • Filesystems like ZFS and BTRFS support Readonly snapshots. They take backups of your files point-in-time and nothing can touch them. Ransomware cannot penetrate the filesystems readonly barrier. Ransomware attacks operate on common protocols like Cifs/Samba. If your ZFS and BTRFS snapshots are not exposed or are readonly the attack vectors cant change your files.
    • Store your important data on file servers or systems that support snapshots. Setup Hourly or Daily snapshots. Snapshots are great because if there are not alot of changes they dont take up much space

So now if you get attacked all you have to do is just look for your original un-encrypted file in your snapshots or in your backups.

UPDATE: Its been brought to my attention that using above techniques do not protect you from the actual hack happening. That is true. The above solutions are only a cure to if you got already hacked. Either way its good to have backups and good to have snapshots. The above are not like a vaccine that will prevent the issue indefinitely. However I would like to mention, in a perfect world we would have both the cure and vaccine. Ransomware is constantly evolving, so your network security and computer security would have to stay ahead of that all of the time. Most of the common Ransomware hacks are fought by common security tools and common network security appliances, so keep those up to date, and make sure to have those in place & your chance of being compromised decrease.

2 thoughts on “Best way to protect against Ransomware – Backups and Snapshots

    1. To protect yourself against the actual hack your network security and security on your servers would have to stay ahead of the hacker game. Im just talking about how to remedy the solution. Ill be more clear in the article. Its like you have the cure for it, you might still get sick from it, but you can apply the cure and be great afterwards, its not a vaccine that will completely protect you from it. In a perfect world we would have the cure and the vaccine.

Leave a Reply

Your email address will not be published. Required fields are marked *