Ransomware-Safe Backup Question

rackhs said:
this is not necessarily true. they quite often are security updates because they have found a security flaw/hole and are fixing it. By NOT installing the updates, you are leaving yourself potentially open. This was a major part of the recent ransomware attack where the systems didn't have the latest patches.
Click to expand...

In fact the Wannacry attack was through open ports on routers (specifically port 445) which is used for Microsoft's file sharing using its "Server Message Blocks" (SMB)

The attackers did not need to send malicious e-mails all they had to do was scan the internet using a scanner such as Shodan and when they found an open port send it Wannacry.

See more details here:

http://www.computerworld.com/articl...ed-defense-against-wannacry-and-adylkuzz.html

and here:

https://www.grc.com/port_445.htm

But on my surfing PC no ports are open.

As a first defense I do not use Wi-Fi, my Internet dongle is connected directly to my router which is then wired directly to my PC.

I also use a VPN (Security Kiss) both on my real PC and in my VMs.

I also regularly check my port security using "Shields UP":

https://www.grc.com/x/ne.dll?bh0bkyd2

This shows that ALL my ports are always shielded and thus no malicious software, like Wannacry, can get onto my machine.

I also do not have any browsers on my PC, all my browsing is done inside VMs protected by a VPN and a free copy of Avast, which also runs on my "real" PC.

I am writing this on my "Photography" VM and when finished it will be shut down giving no way for anyone or anything to attack me.

My PC is also totally encrypted with triple encryption and a very long password.
 
Nice strong set up, will give you that [emoji846]

Not sure if you are disagreeing with me about patching or not by saying that it was a port issue. The port/firewall options in the links are just ways to stop it spreading. It is just one way of defending against it. Patching is still a very valid option - especially as patches can often fix more than one issue, just blocking the port stops that particular route of attack.
 
rackhs said:
this is not necessarily true. they quite often are security updates because they have found a security flaw/hole and are fixing it. By NOT installing the updates, you are leaving yourself potentially open. This was a major part of the recent ransomware attack where the systems didn't have the latest patches.
Click to expand...
If he cannot update the OS because he is never connected to the Internet, no viruses, trojans or other nefarious items can get to his computer, negating the need to update.
 
john.margetts said:
If he cannot update the OS because he is never connected to the Internet, no viruses, trojans or other nefarious items can get to his computer, negating the need to update.
Click to expand...

very true, good point well made :) then, you are just hoping that the updates you can't install don't fix any sort of bug that could corrupt or loose data or make the system 'play-up'...
 
I probably overdo my backups if that's possible. We store almost nothing on the local, laptop drives. Everything is on the NAS. The NAS then backs itself up every night to both AWS and Azure (both cost less than £1 a month for the data I have). The cloud backup excludes all the ripped (sorry, backed up) DVDs due to size. The whole NAS is then backed up once a month to a USB drive that lives in my desk at work, this is done using the free version of SyncBack.

The Mac has both a local TimeMachine backup and is also backed up to Backblaze.
 
You must log in or register to reply here.
Back
Top