Ransomware that is rampant, the most effective countermeasure is "backup"
This year, the threat of "ransomware" has become a big topic.In Japanese, "ransom software".It is a troublesome internet crime that hijacks a PC and encrypts user data without permission, and threatens to "return the data and pay for it if you want it).It seems that the criminal side seems to be a low -risk and efficient profitable mechanism, and is very popular in Japan.
The IPA (Information Processing Promotion Organization) reported that the number of ransomware infection damage has soared in March this year, and has warned many attacks (image is from the IPA site).
Ransomware is a type of malware, and its countermeasures are essentially a "virus software" territory.However, ransomware is a bit different.
In an informal place, when I asked multiple virus countermeasures software vendors, "What kind of measures do you recommend as a ransomware measure?"。
Not only ransomware, but recent malware has been developed and "improved" using advanced technology so that it is not detected by virus software.Even with the introduction of antivirus software, it is not always possible to detect the latest ransomware, but it is "insufficient measures."
On the other hand, if you back up important data, you can return the data to the original even if the data is encrypted in the ransomware.You don't have to pay a ransom, so you don't have a crime.As a writer, I don't think it's a bit more on the virus software side, but it's an accurate answer that "backup is effective for ransomware measures".
Backup function "File history" provided by Windows 10 as standard
Until now, the main purpose of backup was to protect the important data in preparation for the failure of HDD and SSD.A variety of paid backup software is also sold, but on client PCs, the penetration rate is not always high.
However, since the recent Windows (Windows 8), the backup function for client PCs is installed as standard, making it free and easy to use.There is no way not to use this.
The current Windows has two types of backup functions as standard.One is the conventional "Windows backup" function, which regularly backs up according to the specified schedule.The other is the "file history" function for client PCs used this time.
The file history function is similar to the "time machine" function of MacOS (OS X), and automatically backs up user data (files and folders).At this time, only the data whose content has been updated is backed up, and at the same time, the old data is left as a date.
If you use the "file history" function, you can restore the data at one point (as of the backup execution).
As mentioned above, this file history is an OS standard function added from Windows 8 and can be used for free.Unfortunately, it cannot be used before Windows 7, but now it is only during the free upgrade to Windows 10 (until July 29).Why don't you take this opportunity to take this opportunity to upgrade to Windows 10?
In the following, let's explain how to back up user data on a PC using the file history function of Windows 10.At this time, we will also introduce how to enhance security settings so that the backed up data is not attacked (encrypted) by ransomware.
There are some ransomware that aim at smartphones and tablets instead of PCs.This is an attack method that locks the launch of a mobile device, which is very different from the PC.Therefore, it is not handled in this article.
Preparation: Prepare a destination drive for backup data
First, prepare a destination drive of the backup data.If it is a desktop PC, you can use an external USB HDD, USB memory, and NAS (file server) on the network.The same is true for laptops, but it is convenient to use an SD card if it is a notebook PC with a built -in SD card slot.Recently, large -capacity ones can be obtained cheaply, and they are durable enough.
However, if you want to back up a company's business PC, it is recommended that you save the NAS that cannot be taken out of the company as a destination for backup.If you easily back up to an SD card or USB memory, the media may lead to information leakage.
Also, if the backup destination becomes an SD card or USB memory, you should encrypt it in advance for theft or loss.With Windows 10 Pro / Enterprise Edition, the entire drive can be encrypted using the OS standard function "Bitlocker to Go".
If you want to drive a remove media (SD card or USB memory), you should encrypt it with Bitlocker for theft or loss.
Set the OS standard "file history" function
Once you have a driving destination drive, set the file history function.
In the case of Windows 10, if you proceed with "Settings"> "Update and Security"> "Backup" in the start menu, the setting screen "Backup using file history" will open (or directly in the search window, the "file history is directly".You may search for "settings and open).
Here, first click the " +" icon and specify the save destination drive of the backup prepared earlier.If you want to specify the NAS (file server) on the network, you can specify it by clicking "Add Network location".
Once the save destination drive can be specified, turn on the "Automatically Run File Backup" switch.
Turn on "Automatically execute files backup"
Next, click "Optional Options" to set a more detailed backup option.Here, the execution interval of the backup (the initial setting is "every hour"), the retention period of the backup data (the initial setting is "indefinite"), and the folder to be backed up can be set.
If the execution interval is short and the number of files to be backed up increases, the backup process may be heavy and other tasks may be affected.If you think it's heavy, adjust here.In addition, the retention period should not be changed as "indefinitely" due to security settings to be performed later.
Backup option setting screen
After "exclude" useless files, execute the backup
The biggest problem in backup is its capacity.If you back up to files that do not need to be backed up, the capacity of the saved destination drive will quickly become insufficient.Therefore, the data that does not need to be backed up is set to be excluded in advance.
For example, the "download" folder will save a file (such as software) downloaded from the web.These files are basically downloaded, and you don't need to back up.In addition, files such as old photos and videos do not access very often and rarely update the contents.These data can be transferred to media such as external HDDs and DVD-Rs, and only the minimum required for driving on the PC should be placed.Moving to offline media is also effective as a ransomware measure.
Of course, if the destination drive has enough capacity, there is no problem if you put a large file.In the file history function, only the updated files are backed up from the first time (difference backup), so the backup data is minimal capacity.
Once you have set the above, click the "Backup now" button and execute the first backup.When the backup process is completed without any problem, the date and time of the backup is displayed in the "Latest Backup" column.
After that, the data update will be automatically checked for each set execution interval, and if there is an updated data, it will be newly saved.At this time, even if the saved destination drive is not connected (for example, if the SD card or USB HDD is removed), the update contents are cached to the local dive, and the backup is backed up when the save destination drive is connected.There is no problem because it is saved.
The backup has been completed with the file history function.After that, only the changed data is automatically backed up.