Can my backup hard drives be affected by ransomware?

Nov 20, 2015 4:46PM PST
With all the hacking and malware that abound, I was wondering whether I am protected enough. I do not mean Norton or McAfee or ZoneLab. I have all my programs and immediately needed data on my solid state drive (C drive). All my work (relating to web design, graphics and photography) is stored on the second internal hard drive and on two external HDs I can switch off. I've read recently that some ransomware has coding in it so even if one pays, the ransomware is capable of locking the folders/files/data on those secondary drives and can even destroy the data in them. Question: Are secondary hard drives and external drives safe? If not, how can I make them safe from ransomware? Thank you for your help.

--Submitted by Judit K.

Yes. Malware does not respect anything.
Dec 7, 2015 6:11AM PST

You can debate it or you can protect yourself. Nothing stops malware from, say, scrambling the file allocation tables or waiting for you to unlock the drive.

Yes, once you've unlocked it
Dec 7, 2015 1:11PM PST

R. Profitt is correct. Also, at some point you have to type in the password to make the drive usable. At that point, it's now visible to the malware.

Any drive or connection that shows in the left pane of Explorer is vulnerable.

Can drives be connected on a timer?
Dec 9, 2015 7:46AM PST

If this can happen on connected network or USB drives, is there some way to "turn on" your network connection to a NAS, or to a USB drive, on a timer to do the backup and then have it shut it off automatically? That would be a great feature.

(NT) plug unplug plug unplug....
Dec 9, 2015 8:04AM PST

Yes, but...
Dec 9, 2015 12:59PM PST

For the network shares, that can be done easily. For USB, you can "Stop" the USB service to a device, but I don't think you can restart it without physically reconnecting the device.

But, that doesn't solve the problem.

Ransomware tends to hang out for a while on your system, encrypting files behind the scenes, before popping up the message. They want to grab as much important data as possible before making the user aware it's there. That includes looking for new shares and new drives being plugged in. As soon as the program sees something new, it gets busy encrypting information on that, too.

To remain protected, you need a service that transfers data without making the destination visible to Windows Explorer. Examples would be cloud backup or FTP. (As long as you never use Explorer to log into that particular FTP site, also.)
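
An added example, not part of the original post, of the approach described in the post above: the backup is pushed over FTP with TLS, so the destination never shows up as a drive or share. It goes one step beyond the post by writing every run into a new timestamped folder, so files that were silently encrypted before the ransom note appeared do not replace earlier copies. The host name, the environment variable names and the `snapshots/` layout are assumptions.

```python
import os
import ssl
from datetime import datetime, timezone
from ftplib import FTP_TLS, error_perm
from pathlib import Path


def plan_upload(source, stamp):
    """Pair every local file with a remote path inside this run's own folder."""
    plan = []
    for path in sorted(Path(source).rglob("*")):
        if path.is_file() and not path.is_symlink():
            rel = path.relative_to(source).as_posix()
            plan.append((path, f"snapshots/{stamp}/{rel}"))
    return plan


def ensure_remote_dirs(ftp, remote_path, made):
    """Create the parent folders of remote_path once; 'made' caches them."""
    parts = remote_path.split("/")[:-1]
    for depth in range(1, len(parts) + 1):
        folder = "/".join(parts[:depth])
        if folder not in made:
            try:
                ftp.mkd(folder)
            except error_perm:
                pass  # most servers answer 550 when the folder already exists
            made.add(folder)


def push_backup(source, host, user, password):
    """Upload source over FTPS into a new timestamped folder; return file count."""
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
    plan, made = plan_upload(source, stamp), set()
    # FTP_TLS does not verify the server certificate unless given a context.
    ctx = ssl.create_default_context()
    with FTP_TLS(host, context=ctx, timeout=30) as ftp:
        ftp.login(user, password)  # control channel is upgraded to TLS first
        ftp.prot_p()               # encrypt the data channel as well
        for local, remote in plan:
            ensure_remote_dirs(ftp, remote, made)
            with local.open("rb") as fh:
                ftp.storbinary(f"STOR {remote}", fh)
    return len(plan)


if __name__ == "__main__":
    # Assumed names: the host, account and variables below are placeholders.
    n = push_backup(Path(os.environ["BACKUP_SRC"]), "backup.example.net",
                    os.environ["BACKUP_USER"], os.environ["BACKUP_PASS"])
    print(f"uploaded {n} files")
```

Giving the backup account upload-only rights on the server (no delete, no overwrite) keeps earlier snapshots intact even if the stored password is read from the infected machine.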

The Best Part of this Discussion
Dec 9, 2015 4:19PM PST

I think that, if even ONE person learned that it is a good idea to back up their data (if not the whole computer) we have done an outstanding job. At work, people were supposed to save their stuff on a server, which I backed up. But when you get to a user who is literally crying because of the message on their screen "Operating System Not Found", it gets frustrating. At least those errors can "usually" get fixed, but still...

OS Not Found
Mar 2, 2016 3:48PM PST

When you are dealing with Executives, "Operating System Not Found" is VERY easily fixed. Actually, I've become pretty good at it. I remember loading the Windows (XP) install CD and working up to the Recovery Console ("hit R to..."). Then you type in CHKDSK /P and that could fix it. If not, you repeat the process using the FIXMBR command. If that doesn't fix it, you find a scapegoat...

No, Until connect...
Dec 14, 2015 6:41AM PST

I think no. Until connect with electric device.

Access Permissions?
Apr 18, 2016 1:48AM PDT

Hi there, just one doubt, I understand that ransomware encrypts everything it has access to.

But what about network drives mapped over the internet, like with apps like NetDrive, where the person accessing can only read the remote contents? This shouldn't allow anything, not even ransomware, to modify the files, right?

If this is the case, using a backup on the network with a separate user through for example a specific Sync App like Syncovery should work fine while the main user accessing the content has only read only privileges.

Thanks for sharing your views

Secure backup option
May 25, 2016 10:51PM PDT

I don't think anything is safe today in such a malicious environment where hackers are sitting back to get a chance to steal your data.

If you are not so sure about external HDs then you may also go for online data backup plans. I know even they are not so safe but with these plans you will surely never lose access to your data as in case of ransomware.

EMSISOFT Has some nice Ransomware decrypters for FREE
May 27, 2016 2:41PM PDT

Hi,

Not sure this is exactly for this discussion but it could be helpful if you get ransomware:

EMSISOFT has created a bunch of software decrypters that might get you out of a jam. You can download them for free from here depending on the ransomware you have encountered https://decrypter.emsisoft.com/. Also Malwarebytes has a new free (still Beta) ransomware software which you can download and maybe save you as well https://blog.malwarebytes.org/malwarebytes-news/2016/01/introducing-the-malwarebytes-anti-ransomware-beta/

Hope it's helpful,
Steve