Recent publicity seems to have woken people up to the dangers of Cryptolocker

I’m still seeing lots of references to the security measures we should take to protect ourselves against Cryptolocker and a lot of my computer support clients are also asking for my advice as to whether they are adequately protected. If you don’t know what I’m referring to, have a look at these two blogs:

GameOver Zeus and Cryptolocker
Cryptolocker

The main area of inadequate protection that I am finding amongst my computer support clients is the lack of an “offline” backup.

What is an offline backup? We refer to stuff being “online” if it is connected to your main system – ie directly connected to your laptop or desktop computer or connected to your local network via your router. Stuff that is “offline” is likely to be either:

  • A USB thumb drive (also known as a “memory stick” but that is actually a proprietory name of a Sony device) that is not plugged into your computer at the moment
  • A DVD or CD
  • An external hard drive that is not connected to your computer at the moment
  • In “the cloud” (eg on Skydrive, or iCloud).

CryptoLocker WindowThe point here is that Cryptolocker is capable of detecting drives that are currently connected (“online”), so this would include a currently connected USB drive or external hard disc. Your backup needs to be detached from your computer at the time of an attack by Cryptolocker to ensure that it remains safe (ie it must be “offline”). The only exception that I can think of is that anything you have burned to a CD or DVD is safe even if the disc is in the CD/DVD drive, provided that the media is of the “read” type rather than “read/write”. This is because, by definition, data can only be burned once onto a DVDR or CDR disc, so Cryptolocker won’t be able to replace your data with an encrypted version.

Backups that are “in the cloud” are probably not directly accessible by Cryptolocker.
I am not certain about this, but I can’t find any reference to cloud backups being vulnerable by virtue of them being “online”. However, there is a very big “but” here in that if your backups to the cloud are managed by a programmed schedule (as opposed to backups only being created manually on an ad hoc basis) then your backups could be at risk as a result of the schedule deleting your previously good backup and replacing it with files that have been encrypted by Cryptolocker.

Lifebelt in the SkyOne way to get over the problem of cloud backups being overwritten with encrypted files would be to establish another cloud account and then to periodically copy the backup data from the first cloud account to the second cloud account. If this backup is not created by a schedule then files encrypted by Cryptolocker will not over-write a good backup with an encrypted one.

Another step that can be taken to add a layer of security to your backups is to take a backup onto an external drive (hard drive, USB “memory stick”, or even CD or DVD) and then ask someone to keep this safe for you in their premises rather than your own. I advise doing this. It has always been a good practice, but, in reality, I’ve only ever been able to persuade a very few of my computer support clients that it is a practice worth adopting. This “off-premises” backup becomes, in effect, an “archive”. An archive is a backup that is not over-written with a later backup. So, for instance, you may archive your annual accounts. This means that whatever happens in the future you should always be able to access that particular year’s accounts because the backup never gets overwritten with a later one.

Locked Laptop

How safe is your data?

These “archives” don’t get updated (that’s what distinguishes them from backups), so they probably won’t include the very latest data if you suffer an attack from Cryptolocker. Nevertheless, they do provide you with a “worst case scenario” of the very least that you can expect to be able to recover if you should have a disaster such as a Cryptolocker attack. The other main reason for taking an “offsite backup” is that it also provides a layer of security against something disastrous happening to the location of your main system and backups – eg fire, theft, or flood.

However many levels of backup you introduce, you will only be absolutely sure that a usable backup exists if it’s there and it works when you need it. I’m afraid there are no absolute guarantees in this area. I think it’s one of those areas of computing where you have to make up your own mind how much time and effort you put into safeguarding your data. My own impression, though, is that – on average – my computer support clients probably do not pay enough attention to creating adequate backups and I suspect that it would be quite reasonable to extrapolate from that to say that most people, generally, are probably more vulnerable to losing data to the likes of Cryptolocker than they would like to be. As they say up North – think on!

Dropbox stores previous versions of data files (for 30 days) that you thought had long since gone to data heaven

I’ve mentioned this in a previous blog on Dropbox, but I’ve recently had a couple of queries from users who know it’s possible, but who can’t work out the mechanics. So, here’s how to do it.

The secret is to remember that your Dropbox files are available in two distinct ways – via the Dropbox folder on your computer and via a website interface. I think what happens is that we get used to using the Dropbox folder just like any other folder and assume that old versions of our files are stored in the local Dropbox folder – if only we could find them. This is not how it works. Only the most recent version (ie the “current” version) is in our local Dropbox folder. All the previous versions are “in the cloud” on Dropbox’s servers. However, providing that we have an internet connection, it’s easy to access them.

If you still have a “current” version of the file in your Dropbox folder, then click on the file to highlight it and then right-click on it. A menu then pops up as in Figure 1

menu for "previous versions"

Figure 1 – Menu for Previous Versions

The options on this menu will depend on what programs you have installed on your own computer, but somewhere on the menu you will see “Dropbox” with a right-pointing arrow. This arrow indicates that there is a sub-menu that pops up when you hover over the option. So, if you hover over “Dropbox” the submenu pops up that includes the option to “View previous versions”. If you click on this option, your web browser will open, take you to your Dropbox account online, and show you the list of previous versions of the file you initially clicked on (see Figure 2):

The List of Previous Versions

Figure 2 – The List of Previous Versions

Select the version that you wish to restore (ie the version that you wish to become the new “current” version). This is done by clicking in the round “radio button” next to the relevant version. Then just click on the blue “restore” button below. Be aware, though, that you don’t get any warnings or confirmations about what is about to happen. As soon as you click on the “restore” button it does just that: replaces the old current version with whichever version you selected to restore. You can, of course, repeat the process to restore a different version if the one you’ve restored is not the correct one.

What happens, though, if you’ve deleted the file?
Obviously, you can’t restore it by right-clicking on it if it’s not there!

  • In this case, launch the Dropbox website by right-clicking on the blue Dropbox icon in your taskbar (bottom righthand corner of screen) and left-click on the option that says (natch) “Launch Dropbox Website”.
  • Navigate to the folder where the deleted file used to reside
  • Click on the rightmost icon in the strip near the top of the screen that looks like Figure 3
Strip of Commands including "Show Deleted"

Figure 3 – Strip of Commands including “Show Deleted”

This is a dustbin, but clicking on it doesn’t throw things out. Rather, it displays the files that have previously been thrown out. In the example in Figure 4, the second file (diltest.txt) has been deleted.

Showing the Deleted Files

Figure 4 – Deleted Files Now Accessible

Click on the filename to reveal a list of versions that Dropbox is holding:

Showing the Previous Versions of Deleted Files

Figure 5 – Showing the Previous Versions of Deleted Files

Note that Dropbox can’t offer you the option of restoring the version that was deleted. It can only offer you the most recently saved versions. This may or may not be the same thing, depending upon whether you had made any changes between the last save and the deletion of the file. So, select a previous version by clicking in the round “radio button” and then click the “restore” button.

After all that, you might be saying “why not just look in the Windows recycle bin and restore the file from there?“. Fine, If it’s there, then go ahead and do that, but you may have emptied the recycle bin, or want a different version. The main advantage of having the Dropbox option is that it does keep all these different versions going back 30 days.

I don’t use Dropbox as my main method of backing up files. I’d feel a bit queasy about trusting any outside organisation to be in sole charge of the backups of my important data. However, knowing that Dropbox is adding an extra layer to my backup routines definitely makes me feel more secure about my data – and it doesn’t need me to do anything to maintain it.

Dropbox logoYou can get Dropbox for free. The free version starts you off with 2gb storage space. However, clicking this link to the Dropbox website will get you (and me!) an extra free 250mb of space.

Cloud Computing has become a buzz-word recently, but what is it? Cloud computing is internet-based computing. It is the provision of computing services over the internet that would previously have been provided locally on one’s own computer.

Example of traditional computing

Most people have a word processing package. This is a program that is installed on their own computer. If you have such a program then you can start it running, create a document, save it or print, close the program and all of this is done without any internet connection. You may have originally acquired the program by downloading it from the internet, but it is now installed on your own computer and you can use it without an internet connection. Quite possibly, you do this with Microsoft Word.

Example of Cloud computing

Suppose you don’t have a word processing program on your computer but you have an internet connection and you have Internet Explorer or Firefox or another web browser (a web browser is a program that allows you to see – and interact with – web sites). You can create, save, and print your document using a service such as Google Docs. The word processor is provided by Google via your web browser. All the programming for the word processor is at “their end”, but you can still create your document etc. This is Cloud Computing.

A slightly different way of looking at this is that instead of buying a product (a word processing package that you install on your own computer and then use whenever you want at no further cost) you are instead buying a service (the provision of word processing facilities). Cloud computing services are often provided on a basis of paying for what you use – in terms of time, or amount of data stored for instance. There are also free cloud computing services (see below).

Why is it called “Cloud Computing”?Cloud computing

In computer flowcharts and diagrams, it has become the convention to picture any part of the process that happens via the internet as happening in a cloud – see diagram

Pros of Cloud Computing

  • For organisations (with several or many users) cloud computing can be more flexible and quicker (and, therefore, cheaper) to deploy. The larger the organisation, the more this is likely to apply.
  • Cashflow for the user is improved as services are paid for as they are used, rather than up-front. Cashflow is also helped as expenditure is moved from capital to revenue expenditure (completely claimable against tax in the current period rather than written off over a number of years).
  • Updates, bug fixes and so on are very easy and inexpensive for the supplier to provide as there are no downloads or CDs/DVDs to supply, and the timing is under their control.
  • The user can access the program/service from any suitable computer with internet access.
  • Users don’t have to download and install updates, bug fixes etc.
  • Cloud computing tends to mean that users can use smaller, less-powerful (and, therefore, less expensive) computers to access the programs.

Cons of Cloud Computing

  • There is a perceived loss of control as data may be stored in the cloud and program functionality may change without the user wanting it or needing it to change.
  • It can be slower to access and use as the “conversation” between user and program has to happen over the internet rather than just on the the local computer.
  • Cloud programs tend to be less sophisticated in their power, options and configurability.
  • There are huge problems if internet access goes down or if the service provider’s system goes down.
  • There are security implications as data is constantly passed across the internet and may be stored remotely.

Some examples of cloud computing resources that are free of charge can be found here:

http://www.docs.google.com/ – word processing, spreadsheet, and drawing
http://office.microsoft.com/en-us/web-apps/ – Word, Excel, PowerPoint, OneNote
http://mail.google.com/mail/ – Gmail webmail

© 2011-2017 David Leonard
Computer Support in London
Privacy Policy Suffusion theme by Sayontan Sinha