- May 10, 2016
- 20
I know its not especially common, but in theory of course Ransomware can attack any drives the OS has write access to; these include everything from attached storage to network drives to cloud drives mounted to the OS as a volume (like Windows' integrated OneDrive, amongst others).
1. I'm wondering if there are best practices to securing these drives. Of course what I want is 'cold cloud storage' which is completely detached and never exposed to the host OS. The simple method is a Dropbox-esque web interface, and there are various services like that. A more complicated solution which I prefer is to use Amazon CloudDrive and link it to a desktop program like Arq for management.
Arq support tells me the drive never mounts to the OS and is essentially managed through the Amazon web API. In theory this should be secure from Ransomware/illicit write actions.
2. What I'm now worried about though is that a lot of the files getting put into these cloud services for storage could themselves be infected with say Ransomware or even malware more generally. Say its hiding in a PDF or an Excel Macro, something like that.
Of course it will be dormant in the storage system and unable to execute without a host. But lets say I one day retrieve that file... it could infect the machine.
3. Am I correct to understand that the best/only real way to deal with this is to scan every file that goes into the 'cloud storage' and hope that's sufficient? (Assuming all other security precautions, AV, anti-malware, anti-exploit, best practices, etc. etc. are taken).
1. I'm wondering if there are best practices to securing these drives. Of course what I want is 'cold cloud storage' which is completely detached and never exposed to the host OS. The simple method is a Dropbox-esque web interface, and there are various services like that. A more complicated solution which I prefer is to use Amazon CloudDrive and link it to a desktop program like Arq for management.
Arq support tells me the drive never mounts to the OS and is essentially managed through the Amazon web API. In theory this should be secure from Ransomware/illicit write actions.
2. What I'm now worried about though is that a lot of the files getting put into these cloud services for storage could themselves be infected with say Ransomware or even malware more generally. Say its hiding in a PDF or an Excel Macro, something like that.
Of course it will be dormant in the storage system and unable to execute without a host. But lets say I one day retrieve that file... it could infect the machine.
3. Am I correct to understand that the best/only real way to deal with this is to scan every file that goes into the 'cloud storage' and hope that's sufficient? (Assuming all other security precautions, AV, anti-malware, anti-exploit, best practices, etc. etc. are taken).