Ransomware Questions

Harry T.3
New member | Level 1

I have a few questions about ransomware and Dropbox.

I have the Pro version, with 30 days of file recovery.

I have 3 PCs running off a network at my small medical clinic. They all use Norton 360. Employees use their own laptops; they have Dropbox accounts and some files/folders are shared.

I read an article about ransomware and I have come to the realization that no matter what anti-virus software/firewall is used there will always be a potential threat of being hacked. Granted it is a smaller chance with adequate protections.

Let us say my QuickBooks company files and my medical management software files are stored on Dropbox and they get hacked. Am I able to roll my files back to any point in the past 30 days? Are there ways that a hacker can delete these back-up files?

I do have two step verification set up; I am not sure that will help in an instance like this.

I have been looking at Business, but I do not need the extra storage space.

Accepted Solutions

Re: Ransomware Questions

Alexis G.1
Super User

@Harry.

We have several clients using Dropbox with sensitive data related to medical records. I can explain some ransomware behavior to you so you can take the required measures to keep your data protected.

First: Ransomware is a type of malware (not a virus) affecting your files. Ransomware encrypts your data so you cannot access your files. This type of malware is more and more common these days because the cyber-criminals request payment in Bitcoins and some users try to recover the files by paying the ransom. The payment does not guarantee you get the encryption key, so never ever pay a ransom. The best protection against ransomware is backup. Ransomware has been evolving: initially the malware only encrypted local files (i.e. Desktop, My Documents, Dropbox, etc.). Now it's common to find ransomware able to encrypt network shares, mapped drives and even data on local servers not mapped on the local computers.

2nd: Two-factor authentication doesn't protect you against ransomware. If your computer is affected by ransomware and the Dropbox content is encrypted, the sync process will replace good files in the cloud with the encrypted data. So your local data and Dropbox data will be useless. And Dropbox changes will be replicated to all your devices where the account is configured.

3rd: Protection. There are some basic rules you can follow in order to protect your computers in your clinic as an expert. Windows computers can be as secure as a Mac if you follow this advice: keep your OS updated; install a good antivirus and keep it updated. Install a malware tool like Malwarebytes Anti-Malware Premium. This software protects you against the webpages you visit and has a special engine against ransomware. It works very well together with your antivirus solution. Review the firewall on your computer: your firewall must be enabled. Some Internet routers have better firewalls (keep both running). And one of the most important: your day-to-day account cannot be an admin account. You must use a standard account instead of an admin account on your PCs/laptops. This is crucial! Some viruses can bypass virus protection if the active user is an admin account. The admin account must be used only for hardware and software updates, for example.

4th: Backups. Dropbox is not a backup solution, it's a sync solution. But it can work as a backup in some ways. If one of your laptops is stolen, you can set up a new laptop and recover ALL the data you have in Dropbox again. If your HDD crashes, you can recover your Dropbox data as well. If you or your employees delete a file, you can recover the deleted file from the Dropbox page too! So it's a very good solution to keep your data safe (remember you have 30 days to recover your data). You can purchase Extended File History if you want to keep it for a year; remember, that is another layer of protection.

But if ransomware modifies a bulk of your files, it's hard to recover a good version of the data one by one. You will need to contact support and request an Event Rollback. This can take days because they need to handle it manually.

How can you be protected against ransomware if the files can be modified on your computers and even in the cloud? Easy! With backups!

There is a free backup from Veeam that is designed for endpoints like the computers in your clinic. It is designed to fight ransomware because your computers will run a full backup of your computers in less than 10 minutes by using recovery points, and it will eject your external HDD (if used for backups) in order to prevent ransomware from modifying the backup files!

I believe you have 2 options: install a local NAS (a cheap server for local storage) in your network and set up Veeam on your 3 computers. Every day at a specific time your computers will back up to the NAS. If you have issues with ransomware, you can recover in minutes! You not only recover your Dropbox data, you recover the full PC in an easy way! You can even recover to "bare metal": this means you can back up a Dell laptop today and recover to an HP laptop instead. Different brand and model? No problem!

Option 2: purchase a cheap 2TB HDD and back up your Dropbox content every month using Veeam software, or just copy the Dropbox content from time to time from one of your PCs to your HDD.

I hope you find this info useful.

Please don't hesitate to contact us if you have any doubts.


Re: Ransomware Questions

Mark
Super User II

> there will always be a potential threat of being hacked.

Please don't take this in a patronising way, as it really is NOT intended this way, but well done. Seriously. The amount of people who do not realise things being a risk is terrifying!

> Am I able to roll my files back to any point in the past 30 days?

Yes. BUT (and this is the big crux of it) - it is not quick. Dropbox need to manually do it for you in the majority of cases. Expect a response within a few working days. Therefore you may also want to look at another layer of backup on top of Dropbox (I use CrashPlan from Code42). Remember that 'proper' backup is in three different places all independent of each other.

> Are there ways that a hacker can delete these back-up files?

Not unless they have your details - but it is not impossible. Note that actually most of the new crypto viruses actually do exactly this.

> I do have two step verification set up; I am not sure that will help in an instance like this.

It will protect YOUR account, but the weak points are the shared folders between you and others.


Re: Ransomware Questions

Rick M.
Experienced Collaborator | Level 13

Anyone running a medical clinic, law firm, or other vital service such as town hall or police station must realize ASAP that there are few technical solutions to ransomware. What you must realize is that there are now cryptoviruses which find and map network drives and encrypt them as well as the C:\ drive. In other words, a user who clicks on an email or a web site runs the risk of infecting the whole local area network (LAN). So, a fair rule is "No Email, No browser on the same network as the Data!"

As Mark says, Dropbox is good, but it does not solve the problem.

Re: Ransomware Questions

Mark
Super User II

Spot on Rick.

Can I suggest one ever so slight amendment though? :

So, a fair rule is "No users on the same network as the Data!"    :O)


Re: Ransomware Questions

Alexis G.1
Super User

Rick:

You are right. IT admins must prevent users from having access to backup data. This way, if the ransomware infects the PC and shares, it cannot infect data on the backups.

Re: Ransomware Questions

Harry T.3
New member | Level 1

> Anyone running a medical clinic, law firm, or other vital service such as town hall or police station must realize ASAP that there are few technical solutions to ransomware. What you must realize is that there are now cryptoviruses which find and map network drives and encrypt them as well as the C:\ drive. In other words, a user who clicks on an email or a web site runs the risk of infecting the whole local area network (LAN). So, a fair rule is "No Email, No browser on the same network as the Data!"
>
> As Mark says, Dropbox is good, but it does not solve the problem.

The main problem with this is that we submit charges to insurance companies, Medicaid, etc. directly from the medical billing database software. With QuickBooks, I use Intuit's payroll subscription features and I also sync my bank accounts; you need an internet connection for this. Also, I pay most of my bills and taxes online.

> There is a free backup from Veeam that is designed for endpoints like the computers in your clinic. It is designed to fight ransomware because your computers will run a full backup of your computers in less than 10 minutes by using recovery points, and it will eject your external HDD (if used for backups) in order to prevent ransomware from modifying the backup files!
>
> I believe you have 2 options: install a local NAS (a cheap server for local storage) in your network and set up Veeam on your 3 computers. Every day at a specific time your computers will back up to the NAS. If you have issues with ransomware, you can recover in minutes! You not only recover your Dropbox data, you recover the full PC in an easy way! You can even recover to "bare metal": this means you can back up a Dell laptop today and recover to an HP laptop instead. Different brand and model? No problem!

I have a few questions about the above:

1.) Using Veeam, can I use an external HDD to do automatic backups leaving it attached? Or would I have to manually trigger the backup? The real problem with a manual trigger is that I am often out of the office for several days in a row (my wife is the therapist, I do the books). Forgetting to back up is also a potential problem.

2.) If I added a NAS to my network, would ransomware not get it as well? Or is Veeam segregating it from the rest of the network in some fashion?

I'll be doing more research, but I think this is how I will go:

1. Dropbox with extended back-up option for 1st back up (it may take several working days to revert)

2. Veeam with external HDD, manual back up as often as possible

3. Veeam with NAS performing auto back ups daily.

I do need to go and look at all my PCs and make sure that the user accounts are not admin.

I have another question. Let's say on Dropbox I have a folder where I keep important data files called "DATA"; it is not shared. I also have a folder with pictures called "PICT". I share PICT with 5-6 family members and friends. If one of those people is hacked, or if they get ransomware, can my files be compromised through the shared file?

Thanks for answering my questions.

Re: Ransomware Questions

Rick M.
Experienced Collaborator | Level 13

Sounds like a good plan. Outgoing email is fine, and if all users are well trained and trustworthy you should have no problems. You can also have a router prevent access to the worst offending web addresses.

A shared folder is unlikely to spread ransomware, but any user that is attacked can scramble the data for all members of the folder.

Re: Ransomware Questions

Harry T.3
New member | Level 1

All my employees are trustworthy, but I would not say they are well trained in proper computer security procedures.

Re: Ransomware Questions

Alexis G.1
Super User

@Harry

> Using Veeam, can I use an external HDD to do automatic backups leaving it attached? Or would I have to manually trigger the backup? The real problem with a manual trigger is that I am often out of the office for several days in a row (my wife is the therapist, I do the books). Forgetting to back up is also a potential problem.

Veeam backup will run automatically in a transparent way. I normally set up the backup to run at 11pm or 2am. You can keep 7, 14 or even 30 restore points, if you want. So if you have been hit by ransomware today, you can restore your backup from yesterday with no effort.

> 2.) If I added a NAS to my network, would ransomware not get it as well? Or is Veeam segregating it from the rest of the network in some fashion?

The NAS is good for small networks because you can set up the Veeam backup to save backups to the NAS, instead of attaching an HDD to each computer for the backup. It's just an option. You can share a folder on the NAS and create a folder for each PC or laptop. Then you set up the Veeam Endpoint Backup to back up your computer every night to the respective NAS location. You can even set up a NAS with built-in Dropbox like the Synology ones. Ransomware normally encrypts popular files like Word docs, pics, MP3 music, etc., so your backup files will be safe. Some recent ransomware encrypts just everything but this needs time, so you will notice. Anyway, good NASes like Synology have a recycle bin so if the backup file is modified, you can recover the original one. (We are now in paranoid mode.) If you want to be bulletproof, you need the 3-2-1 rule (3 backups, 2 mediums, 1 offsite).

> 1. Dropbox with extended back-up option for 1st back up (it may take several working days to revert)

Recovering data can take hours or days. Recovering from Veeam normally takes hours or minutes if your laptops/PCs have good hardware (i.e. SSD disks).

> 2. Veeam with external HDD, manual back up as often as possible

You can make a standalone backup on HDD from time to time.

> 3. Veeam with NAS performing auto back ups daily.

Veeam is good for recovering a system when infected in the last few days but is not good for historic backups. You must run a standalone backup from time to time or save your critical data to non-writable media like DVD or Blu-ray disks. You can use M-Disc for long archive (50+ years).

> I do need to go and look at all my PCs and make sure that the user accounts are not admin.

Very important and very easy. Control panel, users. Check you have at least 2 users. One admin, one standard. 
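
The periodic copy of the Dropbox folder to an external HDD ("Option 2" in the accepted answer), combined with keeping several restore points as described in the reply above, shown as an added example; it is not part of the thread and is not Veeam or Dropbox code. The function names, the `.suspect` suffix and the 50% change threshold are assumptions chosen for illustration: a copy in which most files changed at once is kept aside and never allowed to rotate out older restore points.

```python
import hashlib
import shutil
import tempfile
import time
from pathlib import Path

CHANGE_LIMIT = 0.5  # assumed threshold: share of files changed or gone since last good copy

def fingerprint(root: Path) -> dict:
    """Map each file's path (relative to root) to the SHA-256 of its content."""
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            h = hashlib.sha256()
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests

def changed_share(old: dict, new: dict) -> float:
    """Fraction of previously backed-up files that are now different or gone.
    A renamed file (for example with a new extension appended) counts as gone."""
    if not old:
        return 0.0
    return sum(1 for name, d in old.items() if new.get(name) != d) / len(old)

def snapshot(source: Path, dest: Path, keep: int = 7, label: str = "") -> dict:
    """Copy source to dest/<label>. Prune to `keep` restore points only when the
    change since the last good snapshot looks normal; otherwise name the copy
    '<label>.suspect' and leave every older restore point in place."""
    dest.mkdir(parents=True, exist_ok=True)
    good = sorted(d for d in dest.iterdir() if d.is_dir() and d.suffix != ".suspect")
    share = changed_share(fingerprint(good[-1]) if good else {}, fingerprint(source))
    suspicious = share > CHANGE_LIMIT
    label = label or time.strftime("%Y%m%d-%H%M%S")  # labels must sort chronologically
    target = dest / (label + (".suspect" if suspicious else ""))
    shutil.copytree(source, target)
    pruned = []
    if not suspicious:  # suspect copies are never a baseline and never trigger pruning
        for old in (good + [target])[:-keep]:
            shutil.rmtree(old)
            pruned.append(old.name)
    return {"snapshot": target.name, "changed_share": share,
            "suspicious": suspicious, "pruned": pruned}

if __name__ == "__main__":
    # Constructed demo data in a temporary directory; no real Dropbox folder is touched.
    with tempfile.TemporaryDirectory() as tmp:
        src, hdd = Path(tmp) / "Dropbox", Path(tmp) / "external_hdd"
        src.mkdir()
        for i in range(4):
            (src / f"doc{i}.txt").write_text(f"record {i}")
        print(snapshot(src, hdd, label="day1"))
        for p in src.iterdir():  # constructed stand-in for every file changing at once
            p.write_bytes(b"\x00" * 16)
        print(snapshot(src, hdd, label="day2"))
```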
