about ransomware protection

Hi,

I have been working for several years with Acronis True Image. The different versions have not always been perfect but 2017 is really good.

I have just acquired Acronis Cloud. I am disappointed by this because it is actually a simple image of my disks. But it is true that it is still very interesting in case of local disaster (theft / fire ...).

What I am currently looking for is an unstoppable solution against ransomware.
For this I have some questions for which I do not have enough experience to answer.

1. I am thinking of using a NAS connected by FTP. In this case, I would use a non-administrator FTP login to perform backups via ATI.
For the Synology NAS, apparently it is possible to give user privileges that allow creating new files and writing them but prohibit modifying the already existing files or deleting them. Is it true? Is it a solution?

Apparently QNAP cannot do this.

2. Is it possible, by using ATI post commands, to change the file permissions of the just-written .tib file?

In this case it could be interesting but with limited efficiency, because a ransomware could again reset the privileges. A ransomware could also simply format the disk. But with this solution a simple external drive could be good enough.

In both cases the ATI solution for cleaning (erasing) old backups would be compromised but it is not a worry.

3. But I do not understand why the Acronis Cloud does not have a solution offering time-based backups, based on a virtualization of the files indexed with time tables... and a garbage collector system. It should be an ideal solution and not very different from the current solution implemented in your cloud.

Thank you for your advice and support

Best Regards

Damien, please understand that this is a User Forum, not an official forum for dialogue directly with Acronis sales, support or development, so we can only give our own opinions and share experience of using this product.

Acronis Cloud is simply another method of protecting your data by storing it in an offsite location - backups to the Acronis Cloud work differently to backups done locally to your own drives (internal or external) or to network drives / NAS devices.  For any cloud backup, there is always an initial full backup made, but after that, Acronis uses a delta comparison method to determine what changes have occurred and only uploads those changes.

Acronis Cloud offers some protection from Ransomware in that you can revert to one of a number of previous recovery points (depending on the amount of Cloud storage you have subscribed to).

Using a NAS can also offer some protection from Ransomware but this depends on how you use the NAS.  If you offer direct Windows shares to the NAS drives or folders, then you also expose the same to potential malware attack, including ransomware.

I personally have a Synology NAS on my local home network - I do not use FTP for access but I restrict all access to the NAS to some specific user accounts which have been created only on the NAS itself - these accounts in turn only have authority to specific areas of the NAS, i.e. my Acronis backup folders.

I do not have any Windows shares to the NAS and do not map any drive letters to it.

My Acronis backup tasks use one of the NAS user credentials to allow Acronis to write the backup image files, and the same credentials can be used for recovery when needed, but no Windows user accounts have any access to the NAS drives or folders.

Any protection against ransomware or any other malware is only as good as your overall computer health and internet browsing activities etc.  Keeping Windows fully updated with all fixes, having good security applications (antivirus, firewall, antispyware etc), keeping your other programs and applications updated, employing sandbox applications when visiting any unknown websites, not opening email attachments or clicking on web links etc.
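
A check for the permission model asked about in question 1 and the dedicated backup account described in the reply above (added example, not part of the original posts and not Acronis or Synology code): it probes whether a folder lets files be created but not changed, renamed or deleted. The function names are hypothetical, and it assumes the backup folder is reachable as a local path while logged in with the backup account's rights.

```python
import os
import tempfile
import uuid

OPS = ("create", "overwrite", "rename", "delete")


def probe_write_once(backup_dir):
    """Try each operation on a throwaway probe file inside backup_dir.
    Returns {operation: True if it succeeded}. For a destination that
    ransomware cannot damage, only "create" should come back True.
    """
    result = dict.fromkeys(OPS, False)
    path = os.path.join(backup_dir, f"probe-{uuid.uuid4().hex}.tmp")
    try:
        with open(path, "xb") as fh:       # "x": fail rather than clobber
            fh.write(b"original")
        result["create"] = True
    except OSError:
        return result                      # backups could not be written at all
    try:
        with open(path, "r+b") as fh:      # modify an existing file in place
            fh.write(b"TAMPERED")
        result["overwrite"] = True
    except OSError:
        pass
    try:
        os.rename(path, path + ".locked")  # rename an existing file
        path += ".locked"
        result["rename"] = True
    except OSError:
        pass
    try:
        os.remove(path)
        result["delete"] = True
    except OSError:
        pass                               # on a write-once share the probe stays
    return result


def is_write_once(result):
    """True only if files can be added but existing ones cannot be touched."""
    return result["create"] and not any(result[op] for op in OPS[1:])


if __name__ == "__main__":
    # Constructed demo: an ordinary temp folder stands in for the backup share.
    with tempfile.TemporaryDirectory() as share:
        outcome = probe_write_once(share)
        print(outcome, "write-once:", is_write_once(outcome))
```

On an ordinary folder every operation succeeds, so the verdict is False; a destination configured as described in question 1 should report only `create` as True and leave the probe file behind.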

Hi Steve,

I use:

- Acronis True Image 2017 Essential (1- Time purchase)

plus:

- Acronis Cloud Storage (500 GB) that I just bought.

With this, I can't define recovery points.

I use:

    - about 2 to 3 GB for my working disk partition, that I would like to update regularly.

    - about 10 to 20 GB for documentation disk partition that I would like to update less often.

To be able to define recovery points, what do I need:

- more Cloud space?

- Standard or Premium subscription?

BR

Damien.

OK,

I did some testing by modifying some files and re-saving to the Cloud.

Afterwards, in the Acronis main window, if I click "open location" in the backup list, this opens an internet browser with my saved tree. And if I select a file that has been modified, in this case, I have the choice of which version (time) to recover.

But I can't select a version if I select the main folder tree.

This means that if I want to recover my hard drive to an earlier state, I have to fetch all the modified files individually.

This suits me in case of last resort. But is there no other way?

BR

OK,

It is simpler to use the "Recover Disks" button or "Recover Files" button in the ATI main menu after selecting the right backup. This allows choosing the global image version of the file system to recover.

This is perfectly what I want.

Maybe I should have read the instructions :)

BR.

Damien.

Damien, glad that you have been able to find the information you were looking for.  I would not rely on the Acronis Cloud as the only backup protection method, but would also have local backups, ideally to drives that are not kept connected (to avoid any malware threat to the contents).

Local backups will be a whole magnitude faster for recovery purposes than using the Cloud unless you have very high speed internet connectivity and bandwidth.

With regards to subscription versus perpetual licenses - my own preference is the latter but if you are happy to pay an annual subscription in order to always have the latest, greatest updates and versions of the application, fine.

The downside to subscription is simply that once you stop paying and the subscription ends, then the ATIH application function becomes very limited to restoring / recovery of existing backups only.

Hi Steve,

My plan is to have a local backup 2 times a day of my work area. (WD Green/Blue 4TB - fanless aluminum enclosure for quiet). This is mainly to act like an Apple Time Machine system. But I intend to leave this disk connected permanently (because of its primary function).

For this I intend to use ASZ on a limited 2 TB GPT disk size. This is to avoid waiting for the HDD to restart each time I open Windows File Explorer. This works fine because no volume is mounted.

On top of that, I would have the Acronis Cloud.

And finally I would make manual backups of my work partition on the cloud of my client at strategic times, and on a non-permanently connected device for the work partition again and the documentation.

Thank you for your advice

Best Regards

I take the same approach as Steve Smith; definitely avoid mapping to NAS. My setup is very like the one he describes.

While disk recovery from the cloud is quite fast (rather than doing a complete download it seems to do a file by file comparison and only downloads files that are different; it presumably also checks the disk properties (MBR, disk signature and the like)), recovering files is OK so long as you do not do too many - the download starts before the zip file is completely generated and I had problems with the Acronis Server timing out, aborting the download. You have to then restart the process - it is not possible to resume the download (at least not when I tried it out in December 2016; things may have changed since then).

Ian

It is true that basic internet connections are relatively very slow.
For my part, it took me 3 full days to make the initial backup of a 20GB volume on the cloud.
With Acronis, to do the same operation on an external drive, it takes me about 2-3 minutes with WD WD40EZRZ + basic drive enclosure:

https://www.amazon.fr/dp/B00RCJ54BC

The Cloud remains interesting because after the first installation, it only uploads incremental data. It remains preferable not to modify files that are too big. Avoid, as in my case, modifying Outlook 2GB archive files, otherwise it takes a lot of time (2-3 hours) to do the update.

Afterwards, to recover, if needed, if latency time is problematic, we can split the data to recover it in several passes. But it is true that to recover 20GB with a basic Ethernet connection, this will take several days.

But it's true that it is important to be careful with how to connect a NAS, because it can take an infection and I think even infect the PC. There are synlock viruses and there may be other ones.

I update my Windows 10 PC automatically and have McAfee LiveSafe on my PC. I am not innocent and pay attention to what I do on the Net. So for my part I prefer not to have a NAS directly connected to the network (and to the web) even with the right setup and antivirus. In any case I do not master the subject enough to do this in a safe way, and prefer to use a simple external drive with Acronis Secure Zone, backed by the Cloud, backed from time to time by a second external drive connected only when it is needed.

I work in electronic / microcontroller design. I already had surprises with SDK (Start development Kit) even from big brands. That's why I want a safe system.

Damien

Hello!

I'm not a specialist, but I had a problem with ransomware, so I learned a lot of information about this problem.

Here's an article that summarizes the principles of ransomware http://soft2secure.com/knowledgebase/arena-ransomware, I hope that this information will be useful to you.

Is there an article around here on how to avoid ransomware? If not, this answer should become one. It is an excellent introduction. Now grabbed for later reference. Thank you.

Michael, there have been a number of posts in the forums that have discussed this subject.

See posts: 
118702: Acronis True Image 2016 vs Ransomware  
114970: Ransomware: mount/enable destination USB Disk as Pre-command and unmount/disable as Post-command?  
118140: Ransomware  
109928: Hypothetical: When restoring after ransomware encrytion wipe drive(s) first? 
118528: Ransomware / How to backup to Synology NAS with different user credentials?
124738: Ransomware paranoia - How to prevent backups

Protection against Ransomware or any other type of malware is really a matter of good practice.

  • Limit the use of Administrator accounts for users who do not need this level of authority.
  • Keep the Windows OS fully updated with all critical updates plus keep other applications / programs equally updated to avoid being hit with exploits for known 'holes' in the same.  Most importantly, keep all security software fully updated (Firewall, Antivirus, AntiMalware/Spyware/Exploit etc).
  • Do not open email attachments from unknown sources or when received unexpectedly from anyone, known or not.  Always check that the file extensions for attachments are what they purport to be, i.e. do not be fooled by OpenMe.PDF.EXE type renaming.
  • Be safe when browsing the internet - avoid obvious sources of malware.  Use a Sandboxed web browser where possible.
  • Make multiple different backups of system data to different locations, keep some offline/ disconnected from the system or network.
  • To sum up the above, use Common Sense when using your computer.

One should also be careful to avoid recharging e-cigarettes or other IoT devices directly on one of the USB ports of our PC, especially if they come from an unnamed manufacturer.
Some models make a real USB connection because they can update their firmware; at that moment they can introduce a virus like a USB key.

Damien, an interesting comment, I guess that any USB type device carries the potential for hosting malware, a bit like the old days of floppy disks but far more numbers of USB these days!

Hi Steve,

Without going into paranoia:
because ransomware is beginning to be lucrative, and because the cost of IoT devices is becoming smaller,
I am certain that some will finance, for example, fake quiz competitions, just in order to make everyone a 'winner' and to be able to mass-distribute low-cost infected IoT gift objects and extend infections.
Others could do the same for more strategic reasons.
It's the role of anti-virus and other security updates to prevent this, but there is a competition.
In any case, there are other vectors of propagation and some are looking for them.

But in principle being careful as you say, we should be able to get out of it.

Damien, it's not being paranoid to believe that 'they are out to get you!' - a little bit of paranoia can be healthy provided you remain in control.  Ransomware is big business for organised crime these days as evidenced by the monies they can potentially make in untraceable electronic currencies, not to mention that which is 'state sponsored' in certain areas of our world.

Sure.

If it's a home computer, the best defense is common sense. Don't you think so?