OCS banner and logo
Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe 
Search All Articles

Browse by Category

powered by pmc2m


Ransomware protection

Article for: Everyone
Importance: Could save your data, could do nothing

Ransomware infects any drives that Windows can access using a letter. So those USB drives that are attached to your computer for backup could be infected. This will destroy your backup. Mapped network drives can also be infected.

All the security tips I've been giving for over 30 years will reduce the chance of getting infected. However, there are steps you can take to mitigate the disaster. if some ransomware gets through your protections.

Locked Images

An image is a complete copy of your entire drive, including Windows, all programs, drivers and data. Macrium Reflect's paid versions, both home and Workstation, offer ransomware protection. They lock the images so that only Macrium Reflect can write to the image or open it. Macrium can also unlock it. This should prevent the image from being encrypted even though it is on an attached USB drive.

Offsite data backups

SpiderOak protects your data from infection because the online backup is accessed through their program. It cannot be access from Windows using a drive letter. Many other off-site backup programs also offer this protection. As long as you can't access your backup from Windows directly, either via the network or a mapped drive, your files are probably safe.

Disconnected Drives

Multiple USB drives that are removed from the system will give you a safe backup. Use a drive for a couple weeks, then change it out for another one and store the first one in a safe place.

What I do

  • Follow a wide range of safe computing practices to reduce the chance of an infection getting in.
  • Backup all data with Spideroak every night and check that it is working. This way I have copies that cannot be corrupted by malware.
  • Have Macrium Reflect make an image every month which is protected against being able to be written to. This saves both my program files and data files from destruction (or at least allows me to resurrect them if destroyed).

Date: September 2019

Creative Commons License
This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

  Please direct questions/suggestions about website to the webmaster