Other issues in this category (75)
Could backups be the ultimate security solution?
Wednesday, June 22, 2016
Few would argue that backups aren't necessary. However, some people believe that backups can be used to restore data that has been lost in an attack by a malicious program, such as encryption ransomware, and that they don’t need an anti-virus. Are they right?
Malicious programs have long ago learnt how to penetrate removable data storage devices (these are usually used to store backups for home PCs) connected to a computer as well as shared network folders that are mapped as network drives or are simply accessible in a network neighbourhood. Cloud storages aren't impregnable either.
You are up against competent people who know how to think and are experts at what they do.
So, how do Trojans infect backup storages?
- If backups are created according to a schedule or at user request, infected files and applications incorporating Trojans can get into backups.
- If a network folder is mapped as a network drive or can be accessed via the network neighbourhood, its contents can be corrupted by almost any encryption ransomware program.
- Malicious files that an anti-virus can't yet detect can be backed up too. If you recover data from such a backup, you will recover the malware, too!
- A malicious program that infiltrates a system as the result of an APT (advanced persistent threat) attack can operate stealthily for years. Today, it’s very common for many Trojans to only spring into action after a specified time delay.
And network storages also have vulnerabilities. For example , Trojan.Encoder.737 encrypted files in Synology storages. This vulnerability was closed long ago, but who can guarantee that another one like it won’t be found?
The Anti-virus Times recommends
- Store your backups on special removable devices. They provide fairly safe storage. Of course, that is until they are no longer operational (they can fail like any other hardware). It is strongly recommended not to store backups on a local drive.
- Even if you use backups, keep distribution files of all the applications you use on separate media—there is still a chance that your backups will be compromised.
- Once data is restored, immediately scan it with an anti-virus that has up-to-date virus definitions. Because the latest virus definitions may be unavailable after you restore your data and connecting a machine that hasn't been checked by an anti-virus to a local network or the Internet is risky, you can download the latest version of Dr.Web CureIt! to another computer.
- Dr.Web Security Space incorporates the Data Loss Prevention feature to back up user data. Unlike ordinary backups, these are protected by the anti-virus, and neither criminals nor malware will be able to delete them. This can serve as an additional measure to protect your important information. And, if you don't back up your data by any other means, this will be the only protection you have.