Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

[Question] Backup Solution for CryptoLocker Variants


  • Please log in to reply
1 reply to this topic

#1 xremainnameless

xremainnameless

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 14 April 2014 - 02:19 PM

Hello everyone.

 

I have just received my first experience with "CryptoDefense" on a client's PC.  It made me wonder what the best backup solution would be.

 

I have instructed my clients to have a rotating schedule of backups (using external HDDs rotated out 2-3 times a week), but I know they don't follow through with it.

 

What I'd like to accomplish is a "One-Click" solution for my clients to be more inclined to do backups when they are scheduled.  I use automated local backup options (SyncBack), along with automated off-site backups (again, SyncBack or Carbonite), all going to Windows-based machines (server or desktop).  I still see an issue if a client is infected with one of the Crypto variants.

 

I'm trying to build a solution that will be easy enough for a client to follow through with backups.

 

What I was thinking was introducing a Linux box to each client's site, with a virtual machine acting as the file server.  Then, using the Linux host OS to backup the virtual machines (using snapshots and full backups).  Then, using some automated software to make local backups from the Linux host OS to an external solution (rotating out a couple of times a week).

 

Am I on the right track to making a "Crypto-proof" backup solution?  If not, I would appreciate some suggestions.  I would love to trust my clients to make sure that they are backing up data accordingly, but I simply cannot.

 

Thanks,

Will



BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:02:09 AM

Posted 15 April 2014 - 08:55 AM

First off you can only advise your clients on what they should do.  If they select not to follow your advice then they can pay the price, either to decrypt the data or total loss of the data.

 

You should be advising them to follow the 3-2-1 Backup Rule

 


  • At least three copies,
  • In two different formats,
  • with one of those copies off-site.

 

Then advise a backup rotation that fits the amount of time they need to be able to restore data.

 

A Crypto proof backup plan will have one off line copy of the data that was created prior to the infection.  If Carbonite keeps older versions of files that may be sufficient.  As I do not use Carbonite I cannot tell you how difficult it might be if all files were encrypted to restore the previous version of the files.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users