FAQ

The specialists answer to you

FAQ : #3-2-1 rule

Feel free to contact us to ask some questions or share a comment.

Modern ransomware primarily targets backups to maximize pressure on victims. Here's how to identify if your backups are compromised:

  • Network backups (NAS, backup server): check the file extension — an unknown or added extension (.locked, .encrypted, etc.) indicates an infection. Also, check the metadata (recent and unusual modification date).
  • Synchronized cloud backups: if the synchronization client (OneDrive, Dropbox, etc.) was active during the attack, the encrypted files have probably replaced the originals. Check the version history before restoring.
  • Offline backups (disconnected external drive, LTO tape): if they were not connected to the network during the attack, they are generally intact.

The 3-2-1 rule (3 copies, 2 different media, 1 offsite) with at least one air-gapped copy is the most effective protection against ransomware.

#encrypted backups #NAS ransomware #backup #3-2-1 rule #air-gap

The PLUS of SOS Data Recovery

  • Swiss leader of Data recovery

  • Extranet Follow-up

  • Security copy of the device

  • Secure offices

  • Data encryption on request

  • Storage in a safe

  • Monitoring of the parcels

  • Over 20 years of experience

  • Confidentiality