Posted on Leave a comment

Back Up, another big warning

Time to think about doing that back up, that important stuff. Really, do it.

The majority of the last few weeks jobs we’ve had has been recovering data and Windows from damaged drives and filesystems. While I continue to look into faster and more efficient methods of carrying this out, It isn’t going to work for much longer.

Ransomware and Hard Drive failures are the main concern here, both are increasing in visibility on our job sheets.

Let’s have a quick look at some back up options:

  • Veeam is a technical/endpoint solution which can automate machine imaging in every environment. Ideal, as it will trim out temporary files for size and images, can be put straight on new hard drives. Regular images will offer some ‘step back’ recovery from Ransomware attack or drive failure.
  • File History is built into windows but not enabled unless you have an external or second drive. It will only keep a reversible copy of each file for a short period, likely to back up infected or ransomed files.
  • Cloud drives, such as BullGuard back up, Onedrive, Google drive, etc. Will sync documents up, and run the possibility that ransomed/encrypted files will be synced as well.
  • Macrium Reflect works well during our recovery jobs to image drives. Ideally, put the imaged drive on external storage. Reflect will also mount images as a drive, so you can pull each file out. Automation is possible with schedules
  • DVD backups of important files would be the most secure and quickest way to get your documents back. Windows Backup can be scheduled to do this, but takes up so much system resources.

Some preventions are being developed and should be ready in a few months.

MalwareBytes have an active beta and will be putting working samples into their main AntiMalware products.

Some 3rd party ‘blockers’ are available but might be ineffective as Ransomware changes.

For more information on Preventing Ransomware Read MalwareByte’s blogpost

We’ve also seen reports of a Master Boot Record encrypting ransomware, Which means instead of certain files getting encrypted, a part of every file will be encrypted and prevent system boot or access. While rare at the moment, worth preventing now.


Photo by christiaan_008


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.