In my computer security classes, I tease my students that “Backups are good; restores are better.” The unfortunate fact of life is that computer hardware wears out and stops working. Software has bugs. Unfortunately, systems sometimes become infested with malware — so-called malicious software. A particularly ugly kind of attack, such as CryptoLocker, is called “Ransomware.” As Cybersecurity professionals, we call it crypto-viral extortion when a malware attack encrypts a user’s files and then demands payment to retrieve the key to restore the data.
I’ve seen this happen to individuals and companies. Most spectacularly, a police department in New England “made the news” when their PCs were infected and they refused to pay the ransom of one Bitcoin (about $374 at today’s conversion rate).
CryptoLocker hit a computer at a company where my friend’s wife works and they would have lost their data, except for some clever counter-hacking.
The cybercriminals count on the fact that the victim would have to pay the ransom to get their data back because they didn’t have good backups. In fact, this is a key theme in Microsoft’s Mark Russinovich’s novel “Zero Day.”
One of the basic protections against these kinds of attack is to use a non-privileged account. While a non-privileged account can help protect you against malware, the truth is that hardware breaks. Your best line of defense is to set up a system of automated backups. This is common in business and government but rare in the general population of computer users, as most people neglect this critical task.
Do You Back Up Your System or Just the Data?
Each has its benefits and drawbacks.
Backing up your system, including the data, is the most common form of system protection. The advantage is that you can bring your system back to its last preserved state. Should the hard drive fail on your PC or laptop, for example, you could put a new hard drive in the computer and restore your data and programs. With a full-system backup, you would replace the failed component — usually the hard drive — and reinstall the operating system. Then, you could plug in your backup drive and use your backup software to restore everything, including programs and all your settings such as the screen background. The downside of this style of backup is the volume of data files that you save.
There are three drawbacks to a full-system backup:
- It may be harder to retrieve an individual file.
- If your system already has a malware infection, all you’ll do is back up the infection. (This is one of the factors that the character Jeff Aiken battles in Russinovich’s novel.)
- Your volume of backup data will grow over time, requiring more disks or periodically pruning the backups.
You could just back up your data, rather than the whole system. This is typically quicker when you’re taking the backup, and makes getting individual files back easier. I depend on my so-called “file-level” backups because I’ll be working on my laptop early in the morning or late at night. In a sleep-deprivation fog, I’ll mess up a file and depend on my backups to get it back for me.
Just like full-system backups, there are two problems. First, you keep duplicate copies of all of the files on your computer and that includes the files needed by the operating system — which rarely, if ever, change. The second problem occurs if you ever have to reinstall all the software on the computer including the operating system. In that case, you would need to use your restore disks to bring the system to factory state. Next, you would need to reinstall all your programs and then you would need to restore your data. That’s a lot of work, but you would know that your system is “clean” and free of malware.
You could protect both. Implicitly, a full-system backup preserves all of your personal data as well. But each generation (round of backups) would duplicate the unchanged information as well as that which was modified. Older software depended on a “full” backup followed by copying any changed files. These were called “incremental” or “differential” backups. Modern backup software works around the limitations of older implementations.
Local Backups
Whether you choose to protect your data or your whole system, you have a number of solutions. For local backups, you have four options ranging from simple drag-and-drop file copy to sophisticated backup utilities. Online, there are commercial services and cloud storage options.
Performing a local backup is generally straightforward, but there is a danger. Using a USB thumb drive or an external hard drive, you can simply open two windows using the File Explorer on your desktop. In one window, navigate to the folder that you want to back up and, in the other, the destination for the backup. Then, in the source window, type “Control-A” to select all the files you want to preserve. While pressing the control key, drag the files to save into the window that’s open to your backup drive. Now, here’s my warning: Be very careful and mindful of the source-and-destination because you could accidentally copy the backup over your good data and that would be catastrophic. In fact, this is very similar to what happened to Microsoft and their Danger subsidiary that made the “Sidekick” phones. If Microsoft can mess up like that, watch out! If you feel squeamish about the risk, there are other solutions.
For local copies, you should always use a separate storage device. Even if the hard drive on your PC has enough room to hold the emergency copy of your data, if that device fails, you’ve lost the original and the backup. High-capacity external hard drives and USB sticks are affordable enough that they can provide the storage you need at a fair price.
You can use commercial backup programs. There’s one that’s built into Windows 7 and 8, but you have to enable it in the “Programs and Features” control panel. There are multiple third-party backup products on the market and you can typically find them at your nearby big-box store or online. Generally, these are robust products that do a fast, efficient and automated job of protecting your data and your system. You may even find simplified versions already pre-loaded on an external hard drive that you would buy to store your protected data. Again, I have to give you a word of caution: each backup product (including Microsoft’s) uses its own proprietary storage format. So, you may not be able to mix software from one product and a different vendor’s archival files. On the other hand, just about any commercial software product will have the ability to operate automatically on a schedule, so you can “set-it-and-forget-it.”
There are other tools that you can use to back up locally. Microsoft has, for example, two built-in tools for safely copying files: XCopy and Robocopy. Both of these programs run at the command line and offer very powerful sets of options, including the ability to resume a task if the copy is interrupted for some reason. That said, with the power comes complexity and the requirement that the user run the program at a command line interface. Microsoft also offers a very good tool called SyncToy, which allows you to build “folder-pairs” and keep data synchronized between them.
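As an added example (not part of the original article), here is a PowerShell wrapper around Robocopy that applies the cautions above: it refuses to write the backup to the same drive as the source, uses restartable mode, and hash-checks a sample of the copied files as a minimal restore test. The source and destination paths and the sample size are assumptions.

```powershell
# Added example: guarded Robocopy backup. Paths below are hypothetical defaults.
param(
    [string]$Source       = "$env:USERPROFILE\Documents",  # assumed folder to protect
    [string]$Destination  = 'E:\Backups\Documents',        # assumed external-drive folder
    [int]   $VerifySample = 20                             # files to hash-check afterwards
)
$ErrorActionPreference = 'Stop'

$src = (Resolve-Path -LiteralPath $Source).Path.TrimEnd('\')
$dst = [System.IO.Path]::GetFullPath($Destination).TrimEnd('\')

# Guard: the backup must not share a drive with the original. Different drive
# letters can still be partitions of one disk, so point this at an external device.
$srcRoot = [System.IO.Path]::GetPathRoot($src)
$dstRoot = [System.IO.Path]::GetPathRoot($dst)
if ($srcRoot -ieq $dstRoot) { throw "Source and destination are both on $srcRoot." }
if (-not (Test-Path -LiteralPath $dstRoot)) { throw "Backup drive $dstRoot is not attached." }

# /E  copy subfolders, including empty ones
# /Z  restartable mode: an interrupted copy resumes rather than starting over
# /XJ skip junction points; /R:2 /W:5 retry twice, five seconds apart
# /MIR and /PURGE are deliberately absent, so files that exist only at the
# destination are never deleted.
$log = Join-Path $env:TEMP ('backup-{0:yyyyMMdd-HHmmss}.log' -f (Get-Date))
robocopy $src $dst /E /Z /XJ /R:2 /W:5 /NP "/LOG:$log"
$code = $LASTEXITCODE
# Robocopy exit codes are a bitmask: 8 = some copies failed, 16 = fatal error.
if ($code -ge 8) { throw "Robocopy reported failures (exit code $code); see $log" }

# Restore check: hash a random sample of source files against their copies.
$files  = @(Get-ChildItem -LiteralPath $src -Recurse -File)
$sample = @(if ($files.Count) { $files | Get-Random -Count $VerifySample })
$bad = foreach ($f in $sample) {
    $copy = Join-Path $dst $f.FullName.Substring($src.Length).TrimStart('\')
    if (-not (Test-Path -LiteralPath $copy) -or
        (Get-FileHash -LiteralPath $f.FullName).Hash -ne (Get-FileHash -LiteralPath $copy).Hash) {
        $f.FullName
    }
}
if ($bad) { throw "Verification failed for: $($bad -join ', ')" }
"Backup OK: exit code $code, $($sample.Count) files verified, log at $log"
```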
Conclusion
So what does your humble author do? For my laptop, I back up periodically to an external hard drive with SyncToy. I also back up critical files I’d need in case of emergency to my phone with SyncToy and a USB cable. I use OneDrive to store less critical files and documents that my students might want after class. Instead of using the sync services provided by Google, Microsoft or Apple, I use a local app to synchronize my calendar-contacts-tasks to my phone and I don’t use the built-in sync service for want of using too much Internet service each month.