How to Easily Protect Your Servers Against Ransomware

Below are some strategies to help protect against ransomware.

The simplest solutions:

  • Cloud backup
  • Rotating external hard drives. Only one drive should be connected at a time.

More elaborate strategies (revolve around the idea of making backup files inaccessible to ransomware, which usually runs in a regular user session or LocalSystem):

  • Create a dedicated administrator account and change the Log On Settings of “BackupChain Service” from LocalSystem to that new dedicated account.
    what this achieves is that even if ransomware gets inside the LocalSystem user session, it won’t have access to the folders that BackupChain uses
    isolate backup folders (local or on network) so that only the dedicated BC administrator account can write into them.
  • If a NAS or network share is used, make sure no one has write permissions to the backup folder, only the dedicated BC user.
  • Create two scripts at the start and end of a task to attach and detach storage devices. These could be local/external drives or iSCSI and would only be visible in the server for the duration of the backup task.

Note that BackupChain backup software removes network connections that it creates itself when the backup is finished. This reduces the possibility of an attack as well because more elaborate ransomware now checks all outside server connections that are stored in the user session and infects those as well. By running the backup process in an isolated user session, the Local System user session will have no access to those network connections, even if a backup is currently running.

BackupChain Overview

The Best Backup Software in 2020
Download BackupChain®

The all-in-one Backup Solution for
Disk Image Backup
Drive Cloning and Disk Copy
Hyper-V Backup and VHD File Backups
VirtualBox Backup and VDI File Backups
VMware Backup and VMDK Backups
FTP Backup and Secure FTPS Backups
Cloud Backup and Remote Backups
File Server Backup and Data Backups