Automatic (or seamless) backup that is also immune to CryptoLocker


David Moskowitz

Sep 17, 2014, 11:11:23 PM
to pc...@googlegroups.com
CryptoLocker, for those who don't recognize the name, is a category of ransom-ware. If it gets into your computer it starts encrypting files on whatever drives it can find. After it's done (and it can take a few days), you get a message that demands payment in BitCoin of anywhere from $300 to $1000 dollars within 3 to 5 days. If you don't pay, you don't get your files back. I can go into the details of how it works if anyone is interested, but that isn't the reason for this message.

I'm looking for a seamless or automatic backup tool, method, approach that is either immune or hardened to protect against CryptoLocker and its cousins. The challenge is that using classic tools (e.g., Karen's Backup) the device is visible to CryptoLocker and vulnerable.

I'd prefer a local backup solution so that it works even in hotels with less than poor Internet access. So an Internet solution is 3rd on the priorities list. A second choice would be a LAN-based solution that fits the "hardened or immune" to CryptoLocker criteria.

Anyone have ideas or comments?

Thanks!

David

RBL

Sep 18, 2014, 5:58:47 AM
to pc...@googlegroups.com

BitLocker? Also, what about cloud backup? Lastly, if you move all of your files to the cloud, the malware is screwed. I put all my stuff into Google Drive and then encrypted them there.

--
Via Note III. Visit RBLevin.org.

--
You received this message because you are subscribed to the Google Groups "PC TALK ONLINE" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pctol+un...@googlegroups.com.
To post to this group, send email to pc...@googlegroups.com.
Visit this group at http://groups.google.com/group/pctol.
For more options, visit https://groups.google.com/d/optout.

Rich M

Sep 18, 2014, 10:58:45 AM
to pc...@googlegroups.com
David, there is evidence this crap even can get into the cloud and, as you know, it goes across networks in a flash. Thus far there is no automatic approach I know of. I use a NAS drive that I turn on once a week and have my Handy Backup set to copy server files once a week to the NAS drive and then I shut it off. My files are all on the server as your business clients probably are but of course that isn't immune either.

David Moskowitz

Sep 18, 2014, 11:32:34 AM
to pc...@googlegroups.com, rble...@gmail.com
CryptoLocker can get to files in the cloud if it can see them -- just had a client go through this.

If the cloud backup maps to a local drive or shows up in NET USE then CryptoLocker will encrypt all data it finds -- with 256-bit AES -- on top of whatever intentional encryption might be used by the user(s). The only way to get to the data is to pay the ransom.

David


David Moskowitz

Sep 18, 2014, 11:38:49 AM
to pc...@googlegroups.com
That's basically the approach I've adopted (temp connect, backup, disconnect). But the challenge is the period of time between backups.

I run a SELinux server with MAC (Mandatory Access Control) which offers some protection, but it's not nearly enough and does nothing for local Windows drives. Linux also provides protection because the ransom-ware is a Windows executable -- until the vermin decide to add Linux as a target, though the way *nix permissions work, there isn't much the malware could access.

David.
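
The "temp connect, backup, disconnect" routine discussed in this thread, as an added PowerShell example (not code from any poster). The share name, account and paths are hypothetical, and writing each run to a new dated folder is an assumption added here so that a run made after files were encrypted does not overwrite earlier copies.

```powershell
# Added example: connect, back up, disconnect. Every name below is a
# hypothetical placeholder, not a value from the thread.
$Source = 'C:\Data'              # folder to protect (assumed)
$Share  = '\\nas01\backup'       # backup share, never mapped to a drive letter (assumed)
$User   = 'nas01\backupsvc'      # account used only for backups (assumed)
$Log    = Join-Path $env:TEMP 'backup-robocopy.log'

# Refuse to run if the share is already connected: a standing connection
# that shows up in NET USE is what the thread warns is reachable by ransomware.
if (net use | Select-String -SimpleMatch $Share) {
    throw "$Share is already connected; disconnect it and investigate."
}

# '*' makes net use prompt for the password, so it is not stored in the script.
# /persistent:no keeps the connection from being restored at the next logon.
net use $Share * "/user:$User" /persistent:no
if ($LASTEXITCODE -ne 0) { throw "Could not connect to $Share" }

try {
    # New dated folder per run: nothing already on the share is overwritten.
    $Dest = Join-Path $Share (Get-Date -Format 'yyyy-MM-dd_HHmmss')
    robocopy $Source $Dest /E /R:2 /W:5 /NP "/LOG:$Log"

    # robocopy exit codes of 8 or higher mean at least one copy failure.
    if ($LASTEXITCODE -ge 8) {
        throw "robocopy failed, exit code $LASTEXITCODE; see $Log"
    }
}
finally {
    # Always drop the connection, even if the copy failed.
    net use $Share /delete /y
}
```

The share is still reachable from the machine while the copy runs, so this narrows the exposure window rather than closing it.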