Forum Discussion

DD716TED
Explorer
May 01, 2016

Ransomware... Just in case question

I am always worried about losing my important files / photos to some kind of virus or ransomware.. I am under the impression that even though you keep files / photos in the "Cloud", they will also be impacted by a ransomware program as well as those kept on an external disk drive that does backups automatically.. I know I can get an external HD and copy important files / photos to it and then disconnect it and keep it in a safe location if ever needed.. BUT will this do the same thing.. I have a large external HD connected to my PC that is partitioned into 3 partitions.. one of the partitions is used on a scheduled basis for backups but the other 2 are not yet used.. If I copy important files / photos to one of these unused partitions and nothing writes to it unless I put it there, would the data placed there be safe from a ransomware program?
  • I use TrueImage for an image backup to an external USB hard drive. The drive is only connected when doing the backup. If I have to do a restore I start the computer from the TrueImage restore DVD which loads TrueImage and reads my backup USB drive. Can ransomware or any other bad stuff cause problems with this method?
  • ANY backup method can absorb the malware at the time it is connected for backup. This includes drive imaging tools such as True Image, EaseUS and Macrium Reflect. If there is malware on the backup drive there is a risk of reinfecting onto the new machine. The HOPE would be that by the time you restored your backup the AV programs could spot and neutralize it.

    1492 talks about a method for preventing malware from making changes on your machine even if it lands there. If you take your own user account down in privileges from Admin (the default), and reset your data drives to read only, then a lot of the problem is prevented--but not all of it. And at the same time you will then have to ask permission any time you wanted to save something new to those hard drives.

    This malware is spread by either physically clicking on a malware link -OR- preconfiguring your browser to play videos, music, etc. automatically without you giving permission. This is how "driveby" malware gets on your computer. If you simply reset your browser so that you have to click 2 or 3 times to get any animation or advert to play, the malware cannot jump to your machine--UNLESS there was a MASSIVE infection on the web (AMZN, MSFT) that you would have heard about.
  • Actually, what I'm saying is to restrict write privileges to the backup drive, not all drives. It would be the same as disconnecting the cable or power to the backup drive without having to do so.

    Though you can be infected by ransomware in different ways, the most common is through social engineering. Making the end user believe the file is legit, when in fact it's malware.

    The most dangerous aspect of ransomware is that there is no incentive for the hackers to provide you the decryption key, once they have your money. There is no need for customer service on their end?

    Your only real defense against ransomware when connected to the Net is to make backups on a regular basis.
  • LScamper wrote:
    I use TrueImage for an image backup to an external USB hard drive. The drive is only connected when doing the backup. If I have to do a restore I start the computer from the TrueImage restore DVD which loads TrueImage and reads my backup USB drive. Can ransomware or any other bad stuff cause problems with this method?


    As long as you are not booting the OS from the infected drive, restoring your backup from an image will work fine (i.e. the virus is not active since it depends on specific boot files it infected in order for it to start).

    So, booting from a bootable DVD essentially prevents the virus from starting provided you do not open an infected file on the infected drive.

    This is another way to run antivirus software also (although once your files are encrypted there is no point in messing with trying to clean up using antivirus).

    Once booted to the DVD drive you can blast the virus-laden drive by dropping the backup image onto the drive.
  • Gdetrailer - thanks for the info. That is what I thought but was not sure.
  • Remember "THE CLOUD" is nothing more than a computer server housed in a giant server farm somewhere. The cloud is vulnerable to every kind of mishap your own computer is, including mechanical breakdown, hacking, viruses, malware, etc.

    The "Cloud" is certainly THE CLEVEREST marketing term to come along in a great while.

    Too bad the Oil Industry didn't have sense enough to rename Fracking, which is as horrible sounding as "THE CLOUD" is reassuring.
