1

This question is specific to some measures that I have already taken with a pen drive as described below. I have a pendrive that’s always connected to my Windows PC. I run a script at logon that takes backup of my important data on that pendrive.

To secure the backup data on it in some way I have done the following thru the backup script and other programs

  1. Using diskpart set the pen drive Read Write Mode

  2. Take the backup (There's no encryption anywhere)

  3. Using diskpart, set the drive to Read Only mode

  4. Using a third party program called 'removedrive' eject the pen drive with error code -47

However the pen drive is physically connected to the USB port. I however know that this is not enough as a program can anyways run diskpart and set the drive to read-write mode and even if it’s error code -47, the entire USB Hub can be reinitialized resulting in that pendrive being online again.

What else I would need to do here to secure the backup data on that pen drive from any ransomware? Physically disconnecting it and reconnecting again before logon is the last option.

rajeev
  • 1,596
  • 8
  • 34
  • 53
  • 2
    Is the objective here to protect the *data* from ransomware, or just the flash drive? – I say Reinstate Monica Nov 17 '17 at 01:34
  • If you are plugging the drive in in such a way that the PC has read-write access to it, you can't fully protect from ransomware. Multiple rotated drives will provide some measure of protection (ie older backups if you are hacked). you might want to look at doing a cloud backup, and making sure the cloud service you use provides snapshots/versions so you can go back to older ones if it is encrypted. – davidgo Nov 17 '17 at 03:22
  • Thanks for the comments. Twisty Impersonator - Title updated to reflect 'data'. davidgo - yes, normally the pen drive will be in ejected state -47 and entire drive shall be Read Only as mentioned in above question, but I know both can be altered programatically and I would not know if that logic is built into ransomware or not. – rajeev Nov 17 '17 at 07:38

1 Answers1

1

To secure your data against ransomware, you should to do the following:

  1. Don't run suspicious code from the internet, avoid criminal websites, and don't click links in emails without investigating where they will take you
  2. Backup your data to an offsite location. You could put it in Google Drive, Dropbox, and One Drive for free and have 3 offsite copies. Dropbox will allow you to recover previous versions of files
  3. Install anti-malware software.

Having done those things, your bigger worry should now be the drive failing rather than ransomware.

Sir Adelaide
  • 4,969
  • 2
  • 13
  • 36