How to Easily Protect Your Servers Against Ransomware
Below are some strategies to help protect against ransomware.
The simplest solutions include:
- Invest in a good cloud backup system
- Rotating external hard drives. Only one drive should be connected at a time. Configure external hard drives to use the same drive letter when plugged in and avoid plugging in more than one drive at a time because that would cause Windows to rearrange the drive letters.
- Use separate devices for browsing the internet and do not open email attachments
More elaborate ransomware protection strategies revolve around the idea of making backup files inaccessible to ransomware, which usually runs in a regular user session or LocalSystem:
- Create a dedicated administrator account and change the Log On Settings of “BackupChain Service” from LocalSystem to that new dedicated account. What this achieves is that even if ransomware gets inside the LocalSystem user session, it won’t have access to the folders that BackupChain uses.
- Isolate backup folders (local or on network) so that only the dedicated BC administrator account can write into them.
- If a NAS or network share is used, make sure no one has write permissions to the backup folder, only the dedicated BC user.
- Create two scripts at the start and end of a task to attach and detach storage devices. These could be local/external drives or iSCSI and would only be visible in the server for the duration of the backup task.
- There are power management devices on the market that permit computer-controlled on/off cycles, very much like a relay board. With such a system you could power up a NAS or external drive and power it down when the backup has finished, perhaps with a 10 minute delay at the end to ensure all file system buffers are flushed properly. It is possible to power up those types of power circuits by calling an executable in BackupChain’s Options tab and thereby power up and shut down the storage remotely.
- The best ransomware isolation is a physical disconnect (i.e. power off and physically unplugged, which also protects against power surges). Software-based disconnects and folder isolation are only a hurdle that smart-enough ransomware will be able to circumvent one day.
- Don’t forget that ransomware contains a trojan horse as well, giving criminals access to your computer and hence the entire network. Once ransomware gets into your computer, it allows the criminal to log in and do whatever ‘clever’ crime they wish. True customer story: the criminal gained access to a computer, browsed through documents, found a document containing cloud backup account access details, then logged in to the account and deleted the cloud data manually. But because our own cloud backup storage system also keeps a separate offline copy of all accounts, our customer was able to restore the entire factory’s file server data. All other local backups were lost.
- More general recommendations: keep access limited to certain accounts, do not log on using the domain admin account, and don’t remain logged on to the system when not using the computer. Use separate passwords on different computers. Do not use mapped drives and remove the network connection when it’s no longer needed.
- BackupChain’s version backup feature automatically protects against overwrites by ransomware because ransomware typically encrypts and renames a file afterward. The file, hence, appears as a new file and is backed up separately if the backup system is still running. The original file backup remains untouched.
Note that BackupChain backup software removes network connections that it creates itself when the backup is finished. This reduces the possibility of an attack as well because more elaborate ransomware now checks all outside server connections that are stored in the user session and infects those as well. By running the backup process in an isolated user session, the Local System user session will have no access to those network connections, even if a backup is currently running. If your backup software is configured to do full backups only, with limited retention, the tool may end up overwriting the good data with the encrypted data damaged by the ransomware. It makes sense, hence, to use version backup instead for file server data, so that in either scenario all files are preserved in the backup folder at any point in time.
Backup Software Overview
The Best Backup Software in 2024 Download BackupChain®BackupChain is the all-in-one server backup software for:
Server Backup
Disk Image Backup
Drive Cloning and Disk Copy
VirtualBox Backup
VMware Backup
Image Backup
FTP Backup
Cloud Backup
File Server Backup
Virtual Machine Backup
BackupChain Server Backup Solution
Hyper-V Backup
Popular
- Best Practices for Server Backups
- NAS Backup: Buffalo, Drobo, Synology
- How to use BackupChain for Cloud and Remote
- DriveMaker: Map FTP, SFTP, S3 Sites to a Drive Letter (Freeware)
Resources
- BackupChain
- VM Backup
- V4 Articles
- Knowledge Base
- FAQ
- Archive 2024
- Archive 2022
- Archive 2021
- Archive 2020
- Archive 2019
- Archive 2017
- Archive 2016
- Archive 2015
- Archive 2014
- Archive 2013
- BackupChain (German)
- German Help Pages
- BackupChain (Greek)
- BackupChain (Spanish)
- BackupChain (French)
- BackupChain (Dutch)
- BackupChain (Italian)
- Backup.education
- Sitemap
- BackupChain is an all-in-one, reliable backup solution for Windows and Hyper-V that is more affordable than Veeam, Acronis, and Altaro.
Other Backup How-To Guides
- Ubuntu VM Hyper-V Backup and What You Need to Know for Linux Support
- FTP Server TCP/IP Port Exhaustion Prevention
- Low-Cost Backup Software and Cloud Storage Solution
- How to Install Hyper-V on a Windows Server 2012 Machine
- List of 12 Virtual Backup Software Vendors
- Backup Verification and Validation: Use Self Validating Backups
- 6 Common Cloud Backup Storage Pitfalls You Should Know
- Hyper-V Dynamic Disk Pros and Cons
- Why You Shouldn’t Buy a NAS like Drobo, Synology, Buffalo, Netgear, QNap
- 18 Hyper-V Tips & Strategies You Need to Know
- Server Administrator’s Checklist: Manual Server Monitoring
- Why a Hyper-V Checkpoint Isn’t a Backup
- Why You Need To Defragment Your Backup Drives
- How to Configure a Hyper-V Granular Backup
- Differential Backup
- Hyper-V Backup for Windows 11 and Windows 10
- How to Clone a System Hard Disk, SSD, or RAID to Another Disk
- Hyper-V Fixed Disks: Pros and Cons
- Hyper-V Backup to NAS: Synology, Qnap, Netgear, Drobo, Buffalo
- How to Fix Hyper-V Backup Errors