Ransomware prevention app

I’ve seen a lot of fretting here about ransomware. And for good reason.

But a day or two ago, I stumbled upon something I didn’t know existed. Malwarebytes has a beta for an anti-ransomware app. They bought up a company that was working on this sort of thing, and then added their own expertise to make an app which prevents the encryption from happening in the first place.

They’ve already won some good vibes with me with their Anti-Exploit app, which is a layer above an anti-virus, which detects suspicious behavior in certain high risk apps (like your web browser). I’ve been in on that since the Beta.

There are other solutions from other AVs, but this is the one I’m trying, based on that track record.

Having an anti-ransomware app does no good if you drop your computer.

I can’t stress how important and easy it is to take backups on a regular basis. I start my backups every Thursday and then go make coffee. I’m so paranoid that I take my monthly backups to my office just in case my house burns down.

I second the motion - regular backups are a far better solution to ransomware for a multitude of reasons, from cost to user experience to actual privacy.

The type of fingerprinting, constant checking, and “I need root-level tentacles in literally every part of your system” that most antivirus / anti-malware programs use is, when you take into account the abysmal “in the wild” protection rates, worse than the problem they purport to solve. Not to mention they often seriously impede the user experience due to slowdowns from constant cpu-cycling and network traffic for signatures, “updates” and who knows what else.

And if you’re concerned about privacy, having a big intrusive app with root-level access on your device which by design phones home regularly is about the worst case scenario. Even if they’re not hoovering up all your info now and selling it, I would bet they’re storing it, and would bet their EULA can change to allow the sale of it in the future - are you going to trust the company’s financials and integrity that much? What if they’re acquired by a less scrupulous company in the future for precisely that trove of info?

Regular backups are free, it just requires some behavior modification on your part.

It’s basically saying “there’s this 1 in 100,000 event out there I think would be bad…so let’s make my everyday user experience worse, increase my technical debt, and decrease my privacy with 100% certainty on the chance that the app I’m using (which will never have even close to 100% success rates) will prevent that rare bad thing.”

You’re taking a 100% sure set of negatives to mitigate a 1/100,000 event, and you don’t even know that the solution will prevent that.

Compare to regular backups: You turn up as the unlucky 1/100k and your data is locked and held for ransom. Oh well, restore from last backup and lose maybe a day of data. Done. No slowdowns, no risks, no known everyday bads to mitigate against unlikely future bads. Plus if you drop your computer or spill water on it or it gets nuked in a lightning storm, you’re able to get back up and running with all of your programs and data much faster and easier!

Yeah. When several people on campus were hit by ransomware a couple of years ago, we just cleaned it from the computer and brought back the data from backup (all data is saved on the network and backed up every hour). People were barely inconvenienced.

Note these were faculty and staff, not students.

I save all my work on Dropbox; they have versioning, so you can find a good version if you get infected.

I would not place complete trust in versioning at a single backup location to save me from ransomware. 32Gb USB sticks are now so cheap that in addition to routine cloud backups, I have started saving key files to a USB stick once a month. Then I never touch each dated stick again (although you could reuse them after several months if you choose). This protects against insidious ransomware that can hang around for a long while before activating in order to try to get at all your backups too.

If you’ve actually been following this, you’d know that the modern stuff actually encrypts your backups, too. Sure, if you are extra careful and keep enough separate backups, there may be one that is old enough to restore from (as it was made before the ransomware infected your computer), but that still means losing a lot of data in what you made in the interim.

This was mentioned in the other threads, so I didn’t think I’d have to say anything here. The software exists for a reason.

The problem with a lot of these is they are very intrusive. I have Bitdefender and I set up their antiransomware and it looked awesome, but then every time I wanted to save something or change something, the computer kicked back. I had to put in so many exceptions that I found it easier to change settings, which makes it less secure and, well, you know the rest.

Backups are still your best bet. You can do a weekly or daily backup with a logical log.

To combine the two ideas:

Acronis TrueImage now has its own anti-crypto built in. I haven’t read any tests as of yet, but since I use Acronis for backup anyway, I thought I’d give it a try.

I also use a combination of backups. I use Acronis to back up my system to their cloud, a NAS, and an external drive. I also use CrashPlan to back up my files to their cloud and a NAS. Both Acronis and CrashPlan have versioning.

Well, the nice thing is that I have a home and a work computer. I have Dropbox on both. So if my home computer was hosed, I could log on my work computer (which I log off every day) and shut down the sync.

Bumping this thread: I just downloaded an updated version of Malwarebytes, and I see it now claims to detect ransomware.