Ransomware Protection

Ransomware Explained

Ransomware has grown to be one of the most dangerous problems on the web. It appears as a form of malicious software which encrypts files on a computer or does it remotely.

Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user visits an infected website and then ransomware trojan is downloaded and installed without the user’s knowledge.

Encoders, a malware species that encrypt files, are spread through similar methods and has also been spread through social media, such as web-based instant messaging applications, for example. Additionally, newer methods of ransomware infection have been observed. For example, vulnerable Web servers have been exploited as an entry point to gain access to an organization’s network.

Nowadays, if you are attacked with file-encrypting ransomware, criminals will brazenly announce they're holding your corporate data hostage until you pay a ransom in order to get it back.

It sounds simple, but it's efficient: latest statistics state that cybercriminals pocketed over $1 billion from ransomware attacks during 2016 alone as well as a Europol report describes ransomware having "eclipsed" most other global cybercriminal threats in 2017.

Retention Policy off the Bench for Assistance

CloudBerry Lab offers retention policy best practices for ransomware protection. It is recommended to set a delay of 30 days or more to ensure any ransomware infection that renames files does not cause your old (good) backups to be removed from backup storage. With this setting, any locally deleted files will remain in backup storage for the specified number of days.

New Backup Format

To set up the protection of your backups against ransomware, customize the retention policy for your backup. Follow the hints below to create the custom retention policy that suits your needs and requirements.

  1. Select the backup plan you want to modify for protection, then click Edit.
  2. Follow the Setup Wizard step until Retention policy step opens.
  3. Customize the following retention settings according to your preferences. It is recommended to keep backups at least 5 weeks.

  1. Click Next once you finished settings.

Legacy Backup Format

To set up the protection of your backups against ransomware, customize the retention policy for your backup. Follow the hints below to create the custom retention policy that suits your needs and requirements.

  1. Select the backup plan you want to modify for protection, then click Edit.

  2. Follow the Setup Wizard step until Retention policy step opens.

  3. Customize the following retention settings according to your preferences.

    Specify custom retention policy for backup plan option allows you to create a customized retention policy which helps you to keep your files safe from ransomware attacks. Select it to activate the retention policy settings.

    Delete versions older than option allows you to customize the periods of your file versions deletion. Select the appropriate check box to make the detailed settings available. Use the spin boxes to specify the period of keeping your file versions for the required period of time to secure them from ransomware attacks. Specify the counting mode by selecting the corresponding item (modification date or backup date) from the drop-down menu to the right.

    Keep number of versions (for each file) option enables you to specify the number of file versions that are kept in your backup plan. This secures your files in case they are encoded by ransomware, as you can easily restore clean file version. It is recommended to keep at least 3 versions. You can specify the number of versions kept using the Number of versions spin box.

    Delay purge for: option allows you to customize the period within which your file versions are not purged from backup. Select the corresponding check box, then specify the purge delay period (for example, 2 weeks).

    Delete files that have been deleted locally option allows you to manage the deletion of files in your backup storage that are deleted locally. To secure your backup against ransomware attacks, it is recommended that you keep this check box clear.

    Do not show warning for files to be deleted is an option that allows you to avoid receiving warnings about the deletion of files stored locally. In the context of ransomware protection settings, it is not recommended to keep this check box selected.

  4. Click Next once you finished settings.