Microsoft Onedrive storage and ransomware.
-
Microsoft Onedrive storage and ransomware.
I use Onedrive cloud storage (v 2021, build 21.129.0627.0002, 64-bit) through MS 365 to store backups from my Windows 10 PC (v 21H1, build 19043.1110). Only in rare circumstances do I exit Onedrive while my PC is up.
I use a good antivirus package and have never been affected by ransomware, only very rarely over many years by software viruses, which have been immediately removed.
If my PC were to get infected with ransomware which got past the antivirus protections, and my local files became inaccessible, would the backups on Onedrive be safe, or could they also be affected by the ransomware?
TIA for any useful advice.
-
-
Best security is of course off-line storage e.g. periodic disk images stored on off-line media.
I can't comment on security methods used by Onedrive - but the ransomware has to be able to run to encrypt files, so if it wasn't actually uploaded and it couldn't execute on a data server, your data might well be safe. Note also Onedrive keeps historical data.
There is a brief comment on ransomware here:
https://support.microsoft.com/en-us/...0-80e142edd1e1
You’ll be able to easily recover your files to a point in time before they were affected, up to 30 days after the attack. You can also your restore your entire OneDrive up to 30 days after a malicious attack or other types of data loss, such as file corruption, or accidental deletes and edits.
-
Onedrive and Ransomware
Thanks for your useful advice - it's always good to know what isn't yet known. Wasn't there a famous and controversial American politician who said something along similar lines?
Thank you especially for the reference to MS's stance on Onedrive security. Here is their comment particularly on ransomware:
Under "Additional OneDrive security features"
Ransomware detection and recovery - As an Microsoft 365 subscriber, you will get alerted if OneDrive detects a ransomware or malicious attack. You’ll be able to easily recover your files to a point in time before they were affected, up to 30 days after the attack. You can also your restore your entire OneDrive up to 30 days after a malicious attack or other types of data loss, such as file corruption, or accidental deletes and edits.
This appears to imply that ransomware could get aboard a Onedrive server and cause havoc, but that the restore facilities should ensure that locked data could be recovered by a restore, if notified in time.
-