Jump to content
Login with your Gmail HERE and start posting in seconds! ×
Don't just read! Be part of the Community! Join the conversation ×

Ransom ware. Risk? Protection?

THAIPHUKET

By THAIPHUKET
in IT and Computers

 Share

Recommended Posts

THAIPHUKET Platinum Member

THAIPHUKET

Posted
Posted

Assume that you complete communication is stored in the cloud Google Mail Google Docs. assume one day you are locked out from accessing any of this information. For whatever reason.

The only protection seems to be a complete download in 1 batch. How to do that? How to keep it readable and searchable?

THAIPHUKET Platinum Member

THAIPHUKET

Posted
  • Author
Posted

That Yahoo mail was blocked by US Congress because of excessive risk of ransomware.

I don't get paranoid about these things. Probably a very low risk for a small user . But still I like to think these things through

ttac Apprentice Member

ttac

Posted
Posted

I'm not sure I'm totally following you and I don't used Google unless I have to (necessary evil since I have an Android phone), but after a very quick Google search I found this: https://support.google.com/mail/answer/1306849?hl=en

"

Gmail Offline: Sync & storage

Gmail Offline is a Google Chrome app that lets you read and manage messages when you don’t have an Internet connection. Any changes you make in Gmail Offline are automatically updated or synced when you’re back online.

For a better sync experience, get the Gmail Offline Sync Optimizer Chrome extension."

More in the link, just a snippet from the top of the page.

Hope that helps.

Cheers

Rob13 Senior Member

Rob13

Posted
Posted (edited)

Back everything up on USB and don't keep anything you can't afford to lose (banking info etc) in the cloud or on your device.

Edited by Rob13
lopburi3 Legendary Member

lopburi3

Posted
Posted

But make sure USB is disconnected after backup made - the requirement is that ransom ware can not access backup - or they can encrypt that also.

CaptHaddock Gold Member

CaptHaddock

Posted
Posted

Since you cannot know at which point your system became infected with ransomware (the encryption may take place some time after the infection,) you have to have a series of backups going back some ways to be able to restore to a clean system. Therefore you should be taking daily backups of your data. These can be differential backups stored on a cloud site somewhere, but not on a cloud server that is mounted as an external drive on your Windows installation. In addition to daily copies of your data, you need a series of image backups going back in time so that you don't have to rebuild your server if it becomes infected. The problem with image backups is how do you verify them?

You can do daily differential backups of your data to some cloud using donationware duplicati from duplicati.com. There are youtube videos showing the setup.

So, that's complicated. In fact, the safest way to run windows is not as a native install, but as a virtual machine under Vmware Workstation or VirtualBox running on top of a linux server. Since the linux server must be 100% clean at all times, you must never browse or get email on the linux level. Then, your Windows vm is just a bunch of linux files for which you can take daily differential backups perhaps to a usb drive local to the linux server, but not visible to the Windows vm. One significant advantage of backing up the vm files instead of using an image backup is that you can verify the backup just by mounting the backup copy. You can also do single file restores in the way.

Running Windows as a vm under Vmware Workstation also lets you take snapshots to which you can revert with a single click. So, whenever I install new software on the Winvm or update programs, I take a snapshot so that I can get back quickly and reliably to a known clean version.

The best strategy is therefore to have multiple ways to get back to a clean install without rebuilding, but which can be verified. Then you don't have to worry about ransomware, failed hardrives, etc.

THAIPHUKET Platinum Member

THAIPHUKET

Posted
  • Author
Posted

Thank you Captain but no chance on earth that my retired brain able so set this up. Can you tell me what residual risks I have if I chose the easy way out= the Google back up?

And secondly= how can I download in one or more batches of say 1 giga of gmails, 95% text, but keep it searchable. Doable?

ttac Apprentice Member

ttac

Posted
Posted

To the OP, you also mentioned Google Docs. Not sure if you are concerned about having access to those if you Google account got locked out, but if you are, try looking at this link: http://www.howtogeek.com/227032/how-to-use-google-drive-offline-on-a-deskop-or-mobile-device/ There is a link there to here: https://www.google.com/drive/download/ which should allow you to download something for the PC. As far as email, maybe try another email client to more easily get what you are looking for (I think). Maybe give something like Mailbird: http://www.getmailbird.com/ a try. There are lots of email clients, but I just downloaded and tested it with my gmail account and it seems to work pretty well, with a simple interface. Emails are stored local. Just some thoughts.

Good discussion and certainly got me thinking more seriously about security. Was just relying on Avast and common sense. Went ahead and augmented that with Malwarebytes.

I'm also now doing a backup to an external USB driver and will do that once a week. Not working on tons of files every day, so once a week, for now anyway, keeps it safe.

I use Onedrive with all files synced to my PC. I realize now all those can get get encrypted by ransomware, so that is where the complete system backup comes in. Also, I have a laptop setup the same way, I don't use that when I'm at home and when I'm using the laptop when I'm away, the PC won't be in use or won't be logged in to my account. I'll probably bring the laptop up once a week to get a fresh sync. I use Office 365 which comes with the Outlook application and I keep all emails cached local, again, on both the PC and laptop. I also have 2 factor authentication setup on my account. I suppose if I got to working on a project, and needed to make sure files were secure, I'd bring the laptop up once a day and get a fresh sync.

The VM solution is pretty interesting and I will probably put that to use for my girlfriend when she wants to log in (although she is quite happy on the phone or tablet). I'll be going the other way though since I have Windows as my base OS and will set up some flavor of Linux, maybe Ubuntu. I have VMware for some other things I do easy to set up something.

Biggest thing is probably using common sense and avoiding things like opening links to emails without using caution (hovering over the link to see exactly where it is going. I found out about this site in some of my research today: https://www.virustotal.com/ so will give that a shot if I come across any suspect links.

I feel reasonably safe and confident I could recover, at least satisfactorily from the majority of the security issues.

CaptHaddock Gold Member

CaptHaddock

Posted
Posted

Thank you Captain but no chance on earth that my retired brain able so set this up. Can you tell me what residual risks I have if I chose the easy way out= the Google back up?

And secondly= how can I download in one or more batches of say 1 giga of gmails, 95% text, but keep it searchable. Doable?

I am not familiar with Google Backup. Does that just do a backup of your files to Google Drive which remains mounted on your system as an external drive? If so, it would afford no protection at all against ransomware which could just encrypt the Google Drive along with your computer. Duplicati backups to a cloud server normally avoid this risk since the cloud drive is not mounted as an external drive on the computer.

You would probably be best off by doing image backups of your whole system to a local usb drive which you would detach after each backup. If you were to take them once a month the most data you would lose would be the most recent month's worth.

CaptHaddock Gold Member

CaptHaddock

Posted
Posted

to the OP

On reflection if all you want to do is backup his Google Drive files then you can do this with duplicati (version 2) from duplicati.com. You can download and install the free software. Then configure it to backup your Google Drive without encryption to, for instance, an external usb drive. You can turn on Windows indexing for those files and then you will have what you asked for. But the problem is how to keep a clean backup? You could just buy a few usb drives and rotate among them, taking a backup once a week, for example. It wouldn't be fool-proof, but it would give you a good chance of recovering files that had been rendered unuseable.

As an alternative, you could use duplicati to copy the files from Google Drive directly to another cloud storage site, eliminating the need for local usb drives. You wouldn't have to encrypt the files in that case either, but you should not permit the backup cloud site ever to be mounted on your computer as a drive. The disadvantage of this approach is that it will take twice as much time since it will download each file and then upload it. A site like 4shared.com will give you 15GB free and has a webdav interface that duplicati can use eliminating the need to mount it as a drive.

Whether these tasks are within the compass of your skills, I cannot say.

Jdiddy Advanced Member

Jdiddy

Posted
Posted

I find being careful of what you do on the internet and what you install to be the best prevention. I dont even run anti virus and have no problems

If things screw up though its a simple case of format c: and reinstall everything including updated software and drivers, feels like a new computer as a bonus

Chicog Star Member

Chicog

Posted
Posted (edited)

I find being careful of what you do on the internet and what you install to be the best prevention. I dont even run anti virus and have no problems

If things screw up though its a simple case of format c: and reinstall everything including updated software and drivers, feels like a new computer as a bonus

The more layers of protection you have, the better.

Nothing wrong with using good practice AND antimalware/hacking tools.

Edited by Chicog

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...