5 Reasons Why Backups Aren’t The Answer

With the ransomware epidemic continuing to spread, you should know all of your security options…

We have always said backing up your data is crucial.  We stand by our word.  However, you must also have alternative forms of protection beyond backing up your data.  PC Pitstop CEO, Rob Cheng, provides five major reasons why you should not use backups as a stand alone form of security against ransomware attacks:

1. You don’t know which files ransomware will encrypt beforehand, so there is always a chance that even if you are backing up, that there will be a missed file.

2. Just because you have backed up your files, you still have to restore the computer to the way it was using backups.  It may be possible.  There are many companies that have paid ransoms not because they weren’t doing backups but because the downtime was too big to restore the backups.

3. If you setup your backup as a network share, or as an external hard drive and then the backup hard drive is live when the ransomware hits, then it will get encrypted too.

4. Now that ransomware is becoming an epidemic, they are playing it hard.  They want to get you and your company on monthly renewal.

5. The biggest reason why backups are not the way is because ransomware can disable a backup.  The problem is that there is a foreign piece of software running on your computer.  It’s entire goal is to extract as much money as it can from you.  If it figures out that backup is stopping it from achieving its goal, then it will attack the backup first and encrypt second.  The only real solution is to stop the malware from executing in the first place.  It is flawed to let the malware run, and then try to compensate for the damage after the fact.

To reinforce Rob’s points, Horry County Schools had their files backed up; however they chose to pay the ransom instead because it would be too time consuming to restore their own systems through the backups they already had.

As Rob suggests, being proactive is the best approach.  For home users, PC Matic provides superior security protection and has been proven to provide the best proactive detection for malicious files.  For business users, Tech Sentry can provide your with the ease of mind knowing your files are safe from the ransomware threat.

(Visited 93 times, 1 visits today)

9 thoughts on “5 Reasons Why Backups Aren’t The Answer

  1. Isn’t the main problem with schools, hospitals, libraries, government agencies, et al., that they have dozens to thousands of employees and other–over whom they have little or no control–using their systems? And many of those users are doing person, not business, stuff anyway.

  2. actually if you back up your files and do a recovery instead of a restore, this becomes a moot point for the general home computer. especially since a recovery sets it back to factory defaults.

    for the home computer if you have an external hard drive that’s the same size as your computer drive, the entire contents can be copied (which will take quite a while i admit), thus eliminating any chance of not having the proper replacement files.

    also, if you’re backing up your files and storing them off the computer, there’s no onboard backup for the ransomware to attack or disable.

    oh and only a complete idiot leaves the external backup hard drive continually plugged in, just because they CAN be infected through the uplink. if it’s only plugged in during the backup process and then unplugged, that negates any infection possibility.

    honestly, i’m with hazardous. it seems that every article on pc pitstop regarding ransomware is being used as an infomercial for pcmatic. ransomeware is a legitimate threat and may not be scareware, but pcmatic is using it as psychological leverage to scare people into buying their product. they are TURNING it into scareware.

    • @TheOncomingStorm: Hi. You are right. We are trying to draw a link between our software and ransomware. That is because our white list approach is the only way to prevent ransomware. Yes, you can backup and react as nimbly as possible, but the only proactive solution is our product.

      Ransomware is reaching epidemic proportions. So we are getting more and more strident to educate the public. Yes, we gain financially but our customers gain because they don’t get infected. When less people get infected, less ransoms get paid and the ransomware threat become a little less.

      • @Rob Cheng:

        “our white list approach is the only way to prevent ransomware….the only proactive solution is our product.” sorry, but that’s total bs. besides, the main method of ransomware delivery is social engineering through emails anyway.

        the primary, and most foolproof method, of avoiding ransomware is not being stupid about what you click on. for the most part, they can’t download their program unless you allow them to.

        sure, they can infect website ads, but i’ve been using adblocker and ghostery through chrome for a couple years and never even see them anyway. the widget gets blocked, adware payload can’t gain access to be downloaded and that INCLUDES any ransomware.

        the bottom line is that you’re psychologically manipulating people into purchasing your product by scaring them and then telling them, “i’m your only savior,” especially since there are other (and cheaper) whitelisting antivirus programs out there, like kaspersky, bit9 parity suite, lumension application control, mcaffee application control, signacert and bouncer for example. not to mention windows itself is outfitted with onboard whitelisting security software with applocker.

        • @TheOncomingStorm: There is no doubt that people should not be clicking on emails with suspicious attachments but calling these people stupid is not going to make the problem go away. Do a Google trends on the keyword ransomware. We are in a crisis and hundreds of millions of dollars left the country in Q1 2016 to the digital mafia.

          The FBI reported total ranomware payments for 2015 at $24M and for Q1 2016 it was over $200M. To be honest, when I see numbers like this, it makes me scared. If you are not nervous, maybe you should be. Not for yourself, but for everyone else.

          We are simply trying to draw attention to the issue and suggest that our product blocks ransomware because of our white list. It is the only viable commercial solution to the ransomware threat. Part of the reason is that there is a lot of confusion around the term white listing and what it accomplishes.

          As you suggest, Kaspersky has a white list. And for that matter, so does McAfee, Symantec and so on. This is a method of allowing valid software manufactures to alert the AV vendor when they are incorrectly detecting their software as being dangerous. It is a way of refining their black list and reduce false positives. This obviously is useless in the fight against ransomware.

          The other category is application control or application white listing. You mention Bit9, McAfee etc, and there are many others. Application control is a way for IT administrators to control what applications can run on endpoints. As you suggest, since the endpoints are locked down, it is not possible for ransomware to execute. The problem is that it is very tedious to implement application control properly, and therefore it has never achieved wide spread adoption in corporate America. Of course, this ignores the issue for the consumer market place.

          Our product attempts to solve these issues by creating a global white list of good applications which we have been refining since January 2011. It easily installs and replaces the black list approach. This is not idle boasting. We are proving it in test after test of independent testing. You mentioned Bit 9 but they have never participated in a private nor public test.

          • @Rob Cheng:
            you know? you’d make a great politician. you’ve mastered the arts of avoiding the issue, talking in circles and weaving tapestries out of rhetoric.

            i feel like i’m trying to reason with a fence post and have grown seriously board of reading your prattle, so my subscription to this comment thread has now been removed. as such, i will not be notified of any further replies. make them if you want, but it will be just as much of a wasted effort as i’ve expended here.

            • @TheOncomingStorm:
              Rob, it looks like he just gave himself away. When they start to resort ad hominem attacks, it’s usually because they just ran out of intellectual ammo and have to deflect attention away.

  3. I think we should call ransomware, scare ware.. because now every precaution you take has it’s pro’s and cons and people, like PC matic, will climb on the bandwagon to scare you into buying their product… which essentially, is the same thing the ransomers are doing.

    • You present an interesting point. Scareware uses scare tactics to get people to buy unwanted software. The ransomware threat is quite real. We have seen several municipalities become victim of ransomware attacks, rending their files inaccessible and in some instances their PCs and servers entirely useless. Ransomware is far from scareware. It’s a justifiable concern for all PC users. We encourage the use of PC Matic because it has been proven to block this very real threat. Unfortunately, alternative protection methods have been proven ineffective. If ransomware could be prevented with traditional blacklisting anti-virus programs, there wouldn’t be a growing epidemic. But it can’t.

Leave a Reply

Your email address will not be published. Required fields are marked *