Can Ransomware Infect Backups and How to Avoid It: Guide

Can Ransomware Infect Backups?

Ransomware threat continues to grow. New strains appear on a regular basis raising the question: “Can ransomware infect backups?” As a matter of fact, strains like Ryuk and Sodinokibi prove that even backups can be attacked and encrypted. 

Let’s find out when ransomware can infect backups and, more importantly, how to ensure backup data is safe from ransomware.

Can Ransomware Infect Backups and When They Become Infected?

Having your data backed up is one of the best security measures. However, sometimes backup data can be corrupted by ransomware together with the data it is supposed to protect.

Overall, there is always a probability that backup data is infected. Depending on your backup strategy, this probability can be higher or lower.

When backups are more likely to be infected with ransomware? Generally, all backups that do not follow the best practices of ransomware backup strategy are more vulnerable. These practices include:

  • Following the 3-2-1 backup rule (having 3 separate copies of your data stored on 2 different kinds of media, with at least 1 copy stored off-site)
  • Keeping multiple backup versions
  • Making backups frequently
  • Using additional anti-ransomware software

Using these practices together makes your backups as secure from ransomware as possible.

Can Ransomware Encrypt Google Drive/OneDrive?

Sometimes, cloud services like Google Drive or OneDrive are used as the only backups of important data. This is not the best option and here’s why.

According to the UK’s National Cyber Security Centre, cloud syncing services  (like Dropbox, OneDrive and SharePoint, or Google Drive) should not be used as your only backup. This is because they may automatically synchronize immediately after your files have been ‘ransomwared’, and then you’ll lose your synchronized copies as well. 

can ransomware infect backups

Sync is not the only way for cloud services to get infected with ransomware; apps and extensions may lead to a ransomware infection as well. You can read about it in our article about ransomware infecting Google Drive. In a nutshell, an app/extension may contain malicious code. Giving permissions to corrupted software may result in having your own files attacked.

Backing up data to an external drive is not the best solution either. Hackers may know that the storage containing the backups is connected to the Internet and time the attack to hit the target. Besides, when an organization’s data flow is intense, handling hard drives becomes extremely time-consuming. 

That’s why you may ask a natural question: “Is there a ransomware-proof backup solution?” Yes, there is. 

Ransomware-proof Backup Solutions for G Suite and Office 365

SpinSecurity for G Suite and Office 365 is an automated backup solution combined with advanced ransomware detection tools. SpinSecurity utilizes an innovative ransomware detection method—behavioral analytics. This method is based on understanding ransomware patterns via abnormal file behavior. 

Try Ransomware-Free Backup for Google Workspace and Microsoft Office 365

Try Spin!

What features does our backup solution offer to keep your data safe and secure from ransomware? 

  • Automated daily backup.
  • Backup data is stored in the cloud of your choice.
  • Data recovery with folder hierarchy preservation.
  • Multiple backup versions.
  • Customizable backup frequency and retention.
  • Advanced search options and reporting.
  • Unique machine learning algorithms that allow 99% accuracy in detecting ransomware (you can read more about them here).