Personal Ransomware Defense: Backup Strategies
Key Points
- Ransomware attackers use two main extortion tactics: demanding a ransom for a decryption key or threatening to publicly release stolen data.
- The most critical defense for individuals is a layered backup strategy that includes regular local backups, alternating offline USB drives, and off‑site cloud storage to ensure recoverable copies even if one backup is compromised.
- Keeping at least one backup completely offline protects against ransomware that could encrypt any connected storage, allowing you to restore data without paying the attacker.
- Understanding phishing—where attackers exploit fear or greed via deceptive emails—is essential, as these attacks are a common entry point for ransomware infections.
Sections
- Individual Ransomware Defense Strategies - The speaker explains the two main ransomware extortion tactics and outlines four personal protection steps, stressing the importance of multiple, layered backups—including local, online, and offline copies—to safeguard data.
- Guarding Against Urgent Phishing - The speaker explains how fear‑ and greed‑based phishing exploits urgency to trick users into clicking links, and advises verifying URLs directly, regularly patching software, and routinely rebooting systems to stay protected.
Full Transcript
**Source:** [https://www.youtube.com/watch?v=eizn9TC68E8](https://www.youtube.com/watch?v=eizn9TC68E8)
**Duration:** 00:05:35
- [00:00:00](https://www.youtube.com/watch?v=eizn9TC68E8&t=0s) Individual Ransomware Defense Strategies
- [00:03:14](https://www.youtube.com/watch?v=eizn9TC68E8&t=194s) Guarding Against Urgent Phishing
Ransomware threats tend to fall into one of two categories: The bad guy says, "I've got your data and I'm not going to give it back.
You have to give me some money and then I'll give you the key."
The other type of threat is "I've got your data and I'm about to give it to the rest of the world." In that case, you have to pay me.
Two different types of extortion, it's all about ransomware.
Well, in this video, I'm going to talk about four different things that you can do to guard against ransomware threats.
And in these, I'm going to focus on what you can do as an individual.
I read the comments on my previous videos regarding ransomware, and it was clear that a lot of the comments I made were what a corporation would do.
But what about what you can do as an individual?
So let's focus on that area.
Okay, the first thing and I would say most important thing that you can do is make sure you have a good backup.
You need to have multiple backups because as the old saying goes, if you have two backups, you really only have one.
And if you have one, you really have none because that one could go bad.
A lot of different reasons it could go bad, but it could go bad.
So let's consider what a backup should look like.
If here is my system, one thing I'd want to do is look at having, say, a locally attached USB hard drive.
And this system is backed up on a regular basis.
So now I have a local/online copy that is fresh all the time.
Another type that I might want to have is an offline/local where I have a USB drive.
Maybe I use these two drives and alternate them.
So I use this one for a month and then I disconnect it and put the other one on for a month.
That way, if something comes along and my system gets infected, then this backup that's locally attached could also be infected.
In this case, though, the one that's offline won't be infected.
So I can fix my system, then connect back in.
And now, while the data may be at most, in this case, a month old,
at least I have something that I can recover from and I can tell this guy to go get lost, I'm not paying him.
And then another type of backup that I may want to do is have something that's not local at all, but a cloud-based backup.
So in this case, it's online and it's cloud based.
And the advantage to that is if something were to physically happen that causes maybe this to be stolen,
or my home catches on fire, or something like that, and I lose those, then I can still recover the data.
This may not be as fast as the others, but it gives me some advantages.
So here we see multiple backups with different characteristics, giving us multiple levels of protection.
That's really important in this case.
The next thing I'll say that we need to understand a lot better is phishing attacks.
A phishing attack is basically where someone is sending you an email and they are trying to capitalize on one of two thoughts,
one of two motivators: One is fear, and the other is greed.
In the fear case, what I'm looking to do is develop some sense of urgency that says, maybe "we see a charge on your account, log in to verify this charge."
And you know, you didn't charge it, so now you feel like, oh gosh, somebody's stealing money from me.
So there's a sense of urgency.
Or in the greed case, we say to you just "Congratulations, you just won a contest.
Log in here to collect your prize."
I hate to let you know you probably didn't win.
But nevertheless, both of these kinds of threats will cause someone to click on a link,
and because of the urgency -- the fear and greed motivators -- they may suspend, really, a critical analysis and just log in.
What should you do instead?
Well, if you really think that this could be legitimate, like you think it's your bank that's contacting you, go to your browser and type in the bank's URL.
Type in the link to the bank directly instead of clicking on the link.
And that way you'll find out if it's legit and you'll keep from getting your system infected when you click on that link.
So it's a lot of things you can do in that case to guard against that.
Next thing you should consider, and I'm going to highly recommend this, is patch.
Keep patching, keep all your software up to date.
If you don't have your software up-to-date, then you basically have latent vulnerabilities sitting in your system.
And the bad guys know about this and you have not guarded against that.
It's like leaving the backdoor wide open.
I'm also going to let you in on a secret: Your system will probably run better if you reboot it every week or two, something like that.
It's sort of like spring cleaning.
So your system will run better, and while you're doing that, go ahead and apply the patches.
That way you will also be guarding against a lot of the threats that the ransomware guys are trying to take advantage of.
And then finally, the fourth item I'm going to say is antivirus.
Now, if you have a Windows system, you already have an antivirus tool built in.
You may want to use that one or you may want to buy one.
That's your choice.
But use something in that case.
If you're on other operating systems, you may consider it or you may not.
But it's potentially a good mechanism to guard against these kinds of things because the signatures that are in the AV systems,
or the behavioral analysis that is in, those will look for some of these cases and
be able to catch some of the ransomware attacks and stop them in their tracks.
So there's no perfect defense against ransomware, but if you do these four things, you will tip the scales in your favor away from the bad guys.
Thanks for watching.
If you found this video interesting and would like to learn more about cybersecurity, please remember to hit like and subscribe to this channel.