Protection Against Ransomware, CryptoLocker, Trojans and Viruses
In this article we describe how to protect against ransomware, CryptoLocker, Trojans, viruses, and other forms of digital vandalism.
How to Protect Your Data Against Attacks
Depending how your infrastructure is set up and what kind of virus strikes you may be able to recover from it; however, having a server backup is usually not enough because ransomware maliciously scans all drives and network shares it can find and encrypts each file with a random password. Unfortunately if the ransomware or CryptoLocker virus has access to your backup files, those will also no longer work to recover your data!
The main issue is that there is no way to truly write-protect files when the system actually has write access to them. For that reason there are two main prevention techniques: make access physically impossible (preferred but requires manual labor), and less effective, prevent certain types of ransomware attacks by isolation.
We recommend the following practices to protect against ransomware, trojans, intruders, and other forms of digital vandalism. The only real protection is strategic prevention, in the form of a good server and PC backup.
The Gold Standard Against Ransomware Attacks
The best “gold standard” strategy practiced by many of our users, in addition to other types of backups, is physical isolation and duplication:
First, create a backup task that rotates at least two external drive targets. Many users opt for one drive for each workday. The external drive must be electronically disconnected when the backup has finished. Also, all other external drives that are part of the rotation should not be connected permanently to the server; just one drive at a time. This practice ensures you have a physically detached and 100% isolated backup medium that is protected from manipulation. If all drives are permanently attached, you basically provide the attacker (or ransomware) with simultaneous access to all your backups.
In BackupChain’s File Types screen, the column ‘delayed deletion’ should be set to ‘never’ (default) or a reasonably long period of time to give you enough time to react; otherwise, BackupChain would eventually delete the original file from the backup media when the time limit specified in ‘delayed deletion’ has passed. Likewise, do not use short ‘retention period’ settings as they can also lead to total loss after the period passes.
Note that this strategy also protects against theft, bit rot, media failure, vandalism, electrical issues, disk and file system corruption.
Silver Standard Protection
Next best, prevent within reasonable limits how ransomware accesses backups and other important network information:
First, use a dedicated BackupChain user account to access network target shares. Hint: access network shares in BackupChain via IP address instead of network name to prevent name clashes when other user sessions access the same network server. Second, switch the Log On settings of BackupChain Service to use a dedicated BackupChain user account (domain admin + fixed password) instead of ‘local system’. By doing this, BackupChain runs in its own isolated user session and network shares aren’t accessible from the system user session or other sessions.
Furthermore, it’s beneficial to set up the network share such that only the BackupChain user has access. If you have more than one servers backing up to the same network server or NAS, place each backup client in its own network share when backing up to a NAS so that if one server gets infected, the other server’s data remains intact. Taking this idea to the next level, you could also replicate to several NAS via multiple backup tasks, in case a NAS becomes infected or ransomware somehow manages to get access to it.
General Recommendations
It makes sense to lock down NAS servers to prevent access by other users and to use firewalls even for internal networks. Apart from backing up to targets on the network, consider adding cloud backup, which is also isolated from ransomware access.
The BackupChain Advantage
BackupChain has helped many companies to successfully recover from ransomware attacks. Its file versioning backup feature creates a backup history you can rely on and fine-tune to suit your organization’s needs. In the case of a ransomware attack, you can revert your file server structure back to how it was before the attack by recovering a known restore point and BackupChain takes care of the rest.
Backup Software Overview
The Best Backup Software in 2024 Download BackupChain®BackupChain is the all-in-one server backup software for:
Server Backup
Disk Image Backup
Drive Cloning and Disk Copy
VirtualBox Backup
VMware Backup
Image Backup
FTP Backup
Cloud Backup
File Server Backup
Virtual Machine Backup
BackupChain Server Backup Solution
Hyper-V Backup
Popular
- Best Practices for Server Backups
- NAS Backup: Buffalo, Drobo, Synology
- How to use BackupChain for Cloud and Remote
- DriveMaker: Map FTP, SFTP, S3 Sites to a Drive Letter (Freeware)
Resources
- BackupChain
- VM Backup
- V4 Articles
- Knowledge Base
- FAQ
- Archive 2024
- Archive 2022
- Archive 2021
- Archive 2020
- Archive 2019
- Archive 2017
- Archive 2016
- Archive 2015
- Archive 2014
- Archive 2013
- BackupChain (German)
- German Help Pages
- BackupChain (Greek)
- BackupChain (Spanish)
- BackupChain (French)
- BackupChain (Dutch)
- BackupChain (Italian)
- Backup.education
- Sitemap
- BackupChain is an all-in-one, reliable backup solution for Windows and Hyper-V that is more affordable than Veeam, Acronis, and Altaro.
Other Backup How-To Guides
- How to Fix VSS Error 12344: An error was encountered while Registry Writer
- Hyper-V Backup Error: Could not initiate a checkpoint operation: Element not found. (0x80070490).
- Backup Software with Encryption for Windows 11, Windows Server 2025
- Why Hard Drives Fail, Crash, Corrupt, and Click
- 18 Hyper-V Requirements and Recommended Hardware
- Video Help Pages
- How to Backup and Restore Hyper-V Virtual Machine
- Automatic Hyper-V Backup on a Schedule
- How to Set up a Free NAS with NTFS for Backups and Hyper-V
- How to Fix Error 1219: Multiple connections to a server or shared resource by the same user
- How to Mount an Amazon S3 Bucket as a Drive in Windows
- NAS Backup Software for QNAP, Buffalo, Drobo, and Synology
- Copy Long Path Names and Deep Folders over 240 Characters
- Backup Hyper-V on USB External Hard Drive Pros and Cons
- VMware Cloud backup
- Convert VHD files to VHDX, VMDK, VDI, and Physical Disk
- Backup Software with VSS Support for Windows Server 2025 and Windows 11
- RAMKick™: Like RAMMap but Automatic, Empty System Working Set Memory
- Backup Software and Long File Names: What You Need To Know
- How to Set up P2V, P to V for Hyper-V, Step-by-Step Video