Ransomware ran amok in 2016.
Prominent crypto-malware strains like Jigsaw, Chimera, and Petya/Mischa had a field day encrypting unsuspecting users’ data (and made a lot of money in the process, too).
Given ransomware’s success, it’s no surprise some developers of non-encrypting malware modified their software to begin asking victims for a ransom. The creators of KillDisk did it, and no doubt other criminals will follow suit.
To a certain extent, end-users wised up to (or at least became aware of) the ransomware threat in 2016, though for whatever reason, many chose not to create a data backup strategy. Maybe the task seemed too daunting. Maybe they just didn’t have the time.
But 2016 is gone. The new year is the perfect time to get out of bad habits, and take that crucial step towards protecting your data. Here’s how you can create a robust data backup plan and make sure it works.
Developing a Data Backup Strategy
Once you’ve decided you’re going to take the plunge and back up your data, you’ll need to flesh out the what and how components of your backup strategy.
The what component refers to what devices you want to back up. Do you want to just focus on backing up your laptop, or do you have additional computers and maybe even a few mobile devices whose data you’d like to protect, as well?
Additionally, perhaps you don’t want to back up all of your saved data but instead only files contained in a certain folder or user profile. All of those factors shape the how component of your data backup strategy, that is, how you want to back up your data.
For instance, if you simply want to back up the files located in a folder, you can probably get away with copying that folder to both a USB drive and Dropbox and updating the files contained therein on a regular basis. By contrast, if you want to back up your hard drive, you might need to invest in hardware and software that come with adequate data storage capacity.
But here’s the thing: no matter how much data you want to back up, it doesn’t change the fact that you should maintain multiple copies of your information on different media.
That’s the quintessence of a 3-2-1 backup strategy, where you keep at least three copies of your data on at least two different storage types with at least one copy located offsite.
Multiple copies in theory means at least one copy will work if the others fail. The same goes for the two different storage types; if you can’t use one, hopefully you can use the other. Finally, if you lose or someone steals a local copy of your data, you can always restore your data using the offsite copy.
For a basic 3-2-1 backup strategy of your laptop, I recommend that you purchase both an external hard drive and a subscription to an online backup service.
You should use the former to back up your critical data regularly but at least once a week.
When you back up with the external hard drive, don’t do anything else with your computer. In fact, it might even be a good idea to temporarily disconnect from the internet so as to prevent web-based threats from pinpointing and infecting the external hard drive.
Once the device has finished backing up your data, make sure you store it in a secure location where no one else can find it. A locked drawer makes for a great storage place. If you really want to go all out, lock the external hard drive in a safe that’s fire- and water-resistant.
Of course, backing up with an external hard drive takes a lot of planning. That’s why it’s important you also have a solution that doesn’t take a lot of thought.
An online real-time cloud backup service fulfills that need. All you need to do is install the software on your computer, log into your account, and let the program back up your files to the service’s cloud-based data center automatically.
Now don’t get me wrong. There’s some risk in backing up via the cloud, as a data breach at that company could potentially expose your personal information.
But that doesn’t mean you should run away from the cloud. Just make sure you do your homework and go with a reputable company that takes adequate steps to protect its customers’ information – such as encrypting your backups so the only person who can access the data is you.
Testing Your Data Backups
Congratulations! You’ve set up your backup strategy. But your work doesn’t end there. You don’t want to suffer a ransomware infection only to find out that none of your backups work. To protect against such a scenario, it’s important that you test your data backups regularly.
Here’s what I recommend:
1. On a quarterly basis, create a temporary folder on your computer. Then go to your data backup solution’s software and select a few files that have recently been updated for restoration. Save those files in the temporary folder and look them over.
Do their contents match those of the original copies? If not, try deleting the backup, backing up your computer again, and implementing the same test. Is there any improvement? If not, the backup software might be malfunctioning, in which case you might need to fix your external hard drive or call customer support for your online backup solution.
2. Once you’ve restored a few files and verified their contents, try backing up an entire folder that comes with sub-folders. Successful restoration should preserve that folder’s entire folder directory, including all sub-folders and individual files. Check to make sure that’s the case.
3. On a bi-annual basis, completely restore all your data. Depending on space constraints, you might want to do this on another computer or on a virtual machine. Once the restoration is complete, review your critical files and folders. You should also look at the storage space and make sure it matches with the size of your data saved on your device.
Conclusion
There’s no need to go into 2017 with your data unprotected. By following the tips provided in this article, you’ll make sure a ransomware infection doesn’t get the better of you and your information. Sure, backing up your computer requires a little bit of thought, but it’ll save you a lot of time and effort in the long run if something happens where you lose access to your data.
Have I missed anything in this article? Do you adhere to certain data backup practices about which you’d like others to know? If so, please let me know in the comments!
To learn more about backups, make sure that you listen to this episode of the “Smashing Security” podcast:
Smashing Security #043: 'Backups - a necessary evil?'
Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...
"There's some risk in backing up via the cloud, as a data breach at that company could potentially expose your personal information."
This is why I recommend people use a zero-knowledge encrypted cloud solution. There are a few out there but the best, in order, are:
1. Tresorit
2. SpiderOak
3. Tarsnap
4. Least Authority
But be warned: zero-knowledge means no access if you forget your password! Also be prepared to pay – these companies don't (and can't) make their money by selling your data unlike the big cloud providers. Therefore to make their money you've got to pay a subscription.
David I think you're a bit over the top on this but better to be that way than "under funded"! anyhow here's what I do. I have 2 SSD 500 GB how swappable that are normally unplugged. I start with linux which right there makes it mighty tough to break in around here. Secondly I do your thing. I run a script that backs up /home and it runs automatically at 01:00 every Saturday morning. I also backup a few other things like bookmarks and some directories related to personal data under firefoxes database. If pics or videos directories have changed they get backed too (but I first check to make sure they're assessable)… now my backup plan is first thing disable the entire LAN. nobody talks to nobody else, see? I do this first on the router and then on the NIC. I then run the backup script manually. but just in case its also in my startup.
now because this is hot swappable I need to MANUALLY plug in the SSD. but not until everything has been disconnected, see? I then run the script. now when I do this manually the drive is automatically mounted by the OS when I first plug it in (however it tries that at the beginning of the script anyway). at the end of the script I send a umount command to both SDx's thus they become invisible to the sytem once the script completes.
I then remove one of the SSD's and actually carry it around with me! yep wherever I go it goes! the next week I do it all over again but remove the alternate SSD (to become my clossest "buddy" for that week!). btw the SSD's are installed into a prior 3.45" floppy bay.
result of all this? no right to criticize you I'm probably even worse! AND I RUN LINUX whereby a ransomware (or anything else obscene) is just about impossible.) sure you may know where the data on most people's machine resides… /home. but HOW are you gonna access the thing? wipe out the MBR(s), perhaps? too bad I make copies so better find plan "B" somewhere. you could try to upgrade privileges but guess what? I have that directory ENCRYPTED! I also use a 25 alphanumeric character PW. so basically mr RANSOMEWARE you are TOTALLY SCREWED!
I'm no Windows apologist but your comments couldn't be more wrong about Linux.
The security of Firefox is abysmal compared to modern browsers, so much so that a well respected security contest doesn't even bother attacking it any more:
"Pwn2Own 2016 Won't Attack Firefox (Because It's Too Easy)"
http://bit.ly/2kaC6Vx
Disabling "the entire LAN" will make no difference whatsoever if your Linux distro has been or gets infected by ransomware. Therefore disconnecting the SSD, making the drive invisible and so forth won't have much/if any effect if one of your files is surreptitiously infected.
Contrary to your belief ransomware is NOT "just about impossible"; it's out there and is ACTIVELY infecting Linux servers and desktops!
http://bit.ly/2ktOUSU
http://tcrn.ch/2ktNPul
KillDisk is also affecting Linux users as of January 2017 rendering machines unbootable:
http://bit.ly/2il6KXp
I could give many more examples but I won't for the sake of keeping this reply short.
In terms of "upgrade privileges" this is a piece of cake on Linux for an attacker. Their own chief developer Linus Torvalds has continually criticised distro programmers for not making this secure enough. It's easy to remotely elevate privileges in Linux by a malicious entity.
A good explanation of why Linux is not more secure than Windows can be found here:
http://bit.ly/2lvJMh5
http://bit.ly/2lyfxXL
Just five days ago (05/02/17) did a Gentoo Developer harshly criticise Linux for being way behind Windows in terms of security. He gave a dozen examples (there are many more) where Linux has simply not kept up.
http://bit.ly/2kWi9Bi
He's also uploaded some slides showing just a handful of the most appalling problems with Linux insecurity … they're not been fixed for many years:
http://bit.ly/2la02sd
Advanced security features in Windows have been around since 7… which is quite a while ago (7 -> 8 -> 8.1 -> 10) and Linux hasn't implemented a single one. We're now on anniversary editions of Windows 10 and security is constantly improving.
The problem with Linux is that it's maintained predominantly by volunteer developers. Each time a new update gets pushed out, sometimes several times daily, something breaks. They rely upon people sending them details of security fixes and, even when they do, there aren't enough developers with enough time to fix everything.
Even Linus Torvalds recognises how insecure Linux has become:
http://bit.ly/2kazyqv
At least with Windows it's maintained by Microsoft who are paid to keep it updated. Mission critical organisations like hospitals, government departments, military organisations (Department of Defense) and civil authorities use it. Problems are fixed quickly and regular patches are pushed out. There's proper support for legacy versions and regular non-security upgrades.
Not everything Microsoft is good but taking into account the vast disarray of Linux distributions, many of which are not properly updated, and major security flaws in Open Source software being left undiscovered and/or unfixed you CANNOT sensibly suggest that Linux is more secure than Windows.
Here's a perfect example of a developer not updating their encryption software and leaving a master password of "p", believe it or not, which opens any file encrypted by it. Yet people still use the software in the false belief that anything Linux is more secure.
http://bit.ly/2l0CuFj
I used to upload all my files to a cloudshare/dropbox type facility until I realised that they included a spreadsheet file of all my passwords and personal data! I now keep it zipped under password and in fact should just transfer it all to LastPass.
Years ago, when my Dell desktop BSOD'd I discovered the beauty of having a second internal drive to back up to. I used to use a free backup programme but realised that it was missing files out, so stopped using it. I tried Acronis for a while but it slowed my machine down so much I quit using it, even after I'd paid for it.
I used to burn a CD of my critical files every Friday and put it in a metal container in my car glove box! I figured that, if my house burnt down, my car would be ok on the street. I suppose that I might do that with a memory stick nowadays.
I do something very similar – I use the Windows Backup feature to back up my files to a Virtual Hard Drive (VHD) on the same drive *but* I then regularly copy that one file (which has all of my automatically backed up files within it) to a USB. The VHD is encrypted for security and my backup consists of dragging and dropping one file to a USB 3 – it's done within a couple of minutes.
My important data is also replicated in real-time to my encrypted, zero-knowledge cloud provider.
One word of advice SlipperyJim: if you're using ZIP files make sure you're using AES and NOT the old ZipCrypto. If you're making your ZIPs in Windows then they're not secure – they use ZipCrypto which can be easily cracked. 7-Zip provides AES encryption which, assuming you use a strong password, is uncrackable.