As I understand it, Ransomware can scan any connected drives and potentially encypt files.
What if I take my backup drive offline using the Diskpart 'offline' command?
Will the infecting program know that the drive exists?
Try StreamFab Downloader and download from Netflix, Amazon, Youtube! Or Try DVDFab and copy Blu-rays! or rip iTunes movies!
+ Reply to Thread
Results 1 to 5 of 5
Thread
-
-
As this article explains, anything that can be done, can be undone.
https://www.infopackets.com/news/10422/8-ways-protect-your-backups-ransomware -
Safest way to backup is to pull data, not push.
Safest backup system is entirely offline, only on-network.Want my help? Ask here! (not via PM!)
FAQs: Best Blank Discs • Best TBCs • Best VCRs for capture • Restore VHS -
Thank's for your responses.
@lingyi re the link:
For example, the ransomware may begin its operations by scanning all available drives using the mountvol command, mount all available drives, then encrypt data on all drives
That 'mountvol' command is interesting...but if I use Diskpart to take a disk offline, it's no longer visible to 'mountvol'.
The disk is shown in Disk manager as 'offline' and with no a letter.
If I use the utility 'Hotswap!', the disk is not listed in 'mountvol' or Disk Manager.
The only way to get it back and get-at-able is a rescan.
@lordsmurf
I take your point and I keep a once a week cloned copy of my System and Data disks in a caddy in the PC.
The caddy has a power switch which I use to power down the caddy after the cloning.
It's the daily backups to various external drives that are my main focus and how to keep them secure. -
Not familiar with the mountvol command, but bottom line is any backup drive attached to the PC at any time is prone to attack. As the last comment on the site states, ransomware or a virus could be running on your PC for weeks or months before it's activated, monitoring keystrokes and events, even waiting until you turn on your weekly backup drive online to attack.
The best you can do is have a good antivirus, practice safe computing, backup often (2x daily, 2x weekly or more on different drives), and accept that whatever was hit at the time of the attack is gone.
Similar Threads
-
Ransomware Corrupt Video Files
By nostalgia in forum Video ConversionReplies: 3Last Post: 18th Sep 2019, 21:24 -
Mediacoder now ransomware
By aedipuss in forum Latest Video NewsReplies: 29Last Post: 28th May 2016, 10:07 -
Ransomware in the Cloud
By SameSelf in forum ComputerReplies: 3Last Post: 19th Jan 2016, 15:39