>From: Mouse <mo...@rodents-montreal.org>
>
>> I think a more important issue in backing up is "How many GENERATIONS
> >to you keep around?"
>
>For many purposes, that's an important consideration, yes. There's
>something (small) I back up weekly for which I keep the most recent
>seven backups, the oldest backup in each of the most recent twelve
>months, and the oldest backup in any year. I'm considering something
>of the sort for my house backups - live replication to a backup host,
>with a once-a-week freeze of the replica, storing past replica drives
>on a scheme somewhat like the above.
There is a ramsomware variant that encrypts the files but silently decrypts
them when they are accessed. It does this for six months before deactivating
the on-demand decryption and displaying the ransom message, the theory being
that by that time all of the backups will be of the encrypted files, and thus
will be useless for restoring good versions.
As to how one can become infected, see
http://www.theregister.co.uk/2015/08/27/malvertising_feature/?page=1. Major
sites, such as The New York Times, Reuters, Yahoo!, and Bloomberg, have been
serving malware -- including ransomeware -- through hijacked advertisements. No
need to click on anything, the ad serves up the malware.
BTW, where I work got hit with ransomeware in December. We were lucky that it
first hosed the accounting/time tracking database, which generated errors when
someone tried to enter her time. When I went to restore a backup of the
database, I noticed the ransomware's html ransom note file and shut down the
system before too many more files were encypted. We were able to restore
everything (except the originally infected user's computer, which we wiped and
reinstalled) from an unconnected backup drive.
Bob
