From: Mouse <mouse at Rodents-Montreal.ORG>
I think a more important issue in backing up is
"How many GENERATIONS
to you keep around?"
For many purposes, that's an important consideration, yes. There's
something (small) I back up weekly for which I keep the most recent
seven backups, the oldest backup in each of the most recent twelve
months, and the oldest backup in any year. I'm considering something
of the sort for my house backups - live replication to a backup host,
with a once-a-week freeze of the replica, storing past replica drives
on a scheme somewhat like the above.
There is a ramsomware variant that encrypts the files but silently decrypts them when they
are accessed. It does this for six months before deactivating the on-demand decryption and
displaying the ransom message, the theory being that by that time all of the backups will
be of the encrypted files, and thus will be useless for restoring good versions.
As to how one can become infected, see
http://www.theregister.co.uk/2015/08/27/malvertising_feature/?page=1. Major sites, such as
The New York Times, Reuters, Yahoo!, and Bloomberg, have been serving malware -- including
ransomeware -- through hijacked advertisements. No need to click on anything, the ad
serves up the malware.
BTW, where I work got hit with ransomeware in December. We were lucky that it first hosed
the accounting/time tracking database, which generated errors when someone tried to enter
her time. When I went to restore a backup of the database, I noticed the ransomware's
html ransom note file and shut down the system before too many more files were encypted.
We were able to restore everything (except the originally infected user's computer,
which we wiped and reinstalled) from an unconnected backup drive.
Bob