Crypto virus encrpyts tib files
Hi all
Bad news for my reputation and of-course my customer, where a encryption virus from a fake email not only encrypted his doc/pfd/xls files, but also his password protected tib files. I thought password protecting them would help but clearly not.
Does Acronis consider the home user disciplined enough to take their backups "offsite"? The sotware is complex enough in its methadology that I'm sure all my customers would rather me do it. However I obviously can't be there at their homes and businesses to perform this, so what is the answer? What could I do to better protect tib backups from Crypto* viruses? Let Acronis encrypt during backup?
TL:DR - TIB files are not safe from Crypto viruses.
Unfortunately the customer's internet bandwidth makes it infeasible to use such services. I was just hoping to know whether Acronis encryption is necessary now to protect tib files.
Whether the file data is encrypted or not doesn't matter with cryptolocks, as long as the rogue software has access to the file, it can encrypt them. The only way around is to prevent access to the backup files (ie keep a copy offline/offsite)
I made a post about this exact issue some time ago whem I foresaw that this could happen: https://forum.acronis.com/forum/109233
My reason for looking at backup software was to find a way to keep me safe against this exact issue, and now you've confirmed my fears and we know that acronis doesn't keep you safe at all. I am sure there are more people out there losing their data to malware than to hardware faults. Honestly I took for granted that backup software would try to protect you against this kind of data destruction by having some mechanism to ensure that the backup data can't get corrupted, but this is something they have totally overlooked. They are only offering their customers false security if anything. I still haven't found a good solution to this, but I will expect that to make a secure backup you will have to either:
1. Explore the possibilities of starting and running acronis as another windows user that is isolated from the rest of the system in such a way that malware won't have access to the acronis GUI and the credentials/password of the network share/directory you're saving the backups to. If there even is a way to do this, it's not something a novice user will be able to do, and it's going to be an ugly hackery way to do it. You'd hope that ATI2016 would have been able to automate this for you to justify the spent money but unfortunately... nope..
2. Store backups to a NAS share, then have another computer regularly copy the backups from that share, to another share with a different password that the system you want to protect doesn't know about. Obviously this is going to eat a lot of space, both in terms of data stored, and in physical space in your home as you need to invest in a second computer. It's not really a reasonable solution, but it looks like the best alternative there is.
I've been searching around a lot and haven't found anything out there yet that will reliably and automatically keep your data safe from cryptolockers with a reasonable hardware setup and price. You'll still have to waste your time doing primitive manual backups and removing the backup media afterwards which is what you are trying to avoid when buying backup software. Windows already knows how to copy stuff on its own. Only backup services with a monthly subscription or enterprise systems made for businesses will do this properly and automatically.
They are only offering their customers false security if anything.
This is certainly a conundrum not only for Acronis, but any company developing backup solutions. As much as Acronis would like their product to be home user friendly, the theory, creation, procedures and maintenance required for the average home user to own Acronis was too complex to the point where I created a service to monitor their backups. Please before anybody in the IT field notes offsite/offline consider as we often fail to do the commitment required of most end-users to facilitate this in a consistent manner. It simply won't be done.
My customer's recent event, which the customer paid the ransom for really rocked my faith in my own service which as John mentioned I really only anticipated to assist in the event of hardware faults rather than malware. Limited testing told me that older Crypto malware didn't care about TIB files; but oh how the goals have changed. Regardless, IT in particular is a game of adaptation and we must find solutions to manouever in an ever evolving battlefield.
From my perspective Cryptolockers don't really increase or decrease the risk of data loss that backup practices are there to remedy. Non-protected backup files can be infected, erased, destroyed by hardware failures...
It comes back to have redundancy and diversification of backup technologies, timing and location.
I personally backup my content to a RAID1 NAS using samba shares, and the NAS backups are backed up to another NAS under other credentials, using rsync. I don't use mapped drives, only network shares. I also duplicate the RAID1 NAS content to USB disks that I take offsite and rotate from time to time. Finally, I back up irreplaceable content (personal documents and photos) to a cloud backup solution, as a redundant solution. For backup software, I use a combination of Acronis, PC sync software, proprietary NAS backup solution, and rsync.
@Pat
Judging by your MVP, we are not highlighting what you are clearly able to do but what can be achieved by Mr John Citizen an amateur photographer, whom bought ATI Home (because it is marketed to him) to back up his photos. Or what I am able to perform as a cost effective measure to help my non-technical customers perform backups where there was zero chance before.
What "hope" does Acronis offer there poor souls?