We Want to Hear From You! What Do You Want to See on the Community? Tell us here!
Forum Discussion
Andrew J.3
11 years agoNew member | Level 1
Is Dropbox a safe haven from ransomware?
1) If my local computer and presumably my local network drive were to be encrypted by a ransomware attack, would my Dropbox files also be encrypted?
2) Or is Dropbox a safe place place for my files in such a situation?
3) If not, what procedures (details please) are available to retrieve files that existed before the attack?
19 Replies
Replies have been turned off for this discussion
- Rich11 years ago
Super User II
1) If you have files in your local Dropbox folder they would become encrypted as well. If you then have the Dropbox software running, those files would then sync to the cloud and any other devices you have.
2) No place is safe once you're infected with ransomware. If the files are on your system they can be encrypted regardless of which service you're using.
3) See here:
https://www.dropbox.com/help/400
https://www.dropbox.com/help/296
https://www.dropbox.com/help/11 - Andrew J.311 years agoNew member | Level 1
1) In case of ransomware encryption, are all--even older versions of--files encrypted. In other words, would there be an unencrypted backup version of my files on Dropbox from which I could restore even if some files had only the one version I originally stored on Dropbox? I'm trying to distinguish between frequently updated files where a recent version change has taken place (as I assume the instructions at https://www.dropbox.com/help/11 refer to), and static files that have not been updated in a long time.
2) is Dropbox working on a defense strategy against ransomware encryption?
Thanks for your advice.
- Rich11 years ago
Super User II
1) When a file becomes encrypted and is synced to Dropbox, it is synced as a change, so the previous unencrypted version would be available for recovery.
2) If I had to guess, probably not, and it's not really their responsibility to do so (IMHO). Dropbox provides a file sync service; nothing more. Any antivirus, anti-malware, etc., is the responsibility of the end user. Protect your system and you won't have to worry about it.
- Steve R.710 years agoNew member | Level 1
It seems that if you pay for the Pro version they should provide protection against ransomware encryption.
It does look like the "extended version history" option may cover you in case of ransomware because all versions of files are kept for 1 year without counting toward your quota, but this option obviously adds a lot to the cost.
- Rich10 years ago
Super User II
It seems that if you pay for the Pro version they should provide protection against ransomware encryption.
How? Dropbox can't see that the files are encrypted (files uploaded to Dropbox are split into 4MB chunks), and even if it could, how could it differentiate between those encrypted by ransomware and those purposefully encrypted by the user?
Simply put, the security of your computer and the data stored on it is your responsibility. There are ways to protect your system from ransomware. Use them.
- Steve R.710 years agoNew member | Level 1
One option that comes to mind would be if Dropbox detects all files on the entire accoint have suddenly changed at once they could keep a backup of the old files for a week and notify the user of the suspicious activity. If the cost of this gives you heartache then they could add it as an option for an additional fee.
- Rich10 years ago
Super User II
Dropbox already keeps all files for a period of 30 days, no extra costs involved, and you can request a rollback of your account to a point prior to the infection. An option for one year of recovery does cost extra, as you mentioned previously.
- Steve R.1510 years agoNew member | Level 1
Oh cool, I didn't know that. They should just add a notification for suspicious activity (ie: all files were changed within an hour or 2) with a prompt to roll back your files/quarantine the encrypted ones for 30 days if desired. I may have to upgrade to Pro to protect my photos, Dropbox camera upload works so well!
(I missed the comment you had above Rich where you said "so the previous unencrypted version would be available for recovery")
- Rich10 years ago
Super User II
They should just add a notification for suspicious activity (ie: all files were changed within an hour
When a crypto attack takes place, the files are usually renamed. Dropbox sees this as a delete and an add (original file is deleted and the encrypted version is added). When it sees that a large number of files have been deleted it will send you an email notification, assuming you have that option enabled on your Account page. Look for the Email notifications section on the bottom left.
- Frank P.110 years agoNew member | Level 1
"Simply put, the security of your computer and the data stored on it is your responsibility. There are ways to protect your system from ransomware. Use them."
My computer is a Mac. It's immune from ransomeware. All of the files in my Dropbox folder were overwritten as .ecc files and since the folder was cold-storage I didn't notice it until after 30 days so I'm screwed.
My computer wasn't infected because it's immune. The infection must have occurred on Dropbox's servers which then overwrote my files. I was responsible for my own computer's security. My connection to Dropbox was the problem.
About Delete, edit, and organize
Solve issues with deleting, editing, and organizing files and folders in your Dropbox account with support from the Dropbox Community.
Need More Support
The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!