The 3-2-1 backup strategy – Protect your photography from ransomware attacks

In terms of photography a ransomware attack could be devastating. Image all of your photos suddenly being inaccessible.

Disclosure: This post contains affiliate links. If you click through and make a purchase, I’ll earn a commission, at no additional cost to you. Read my full disclosure here.
Advertisements

It appears that large companies getting attacked, and their data held for ransom, is all the rage right now. First, Garmin had to shut down many of its services for more than just a few days, and it now appears that Canon is in the same sticky situation. Let’s take a brief look at what happened in these Ransomware attacks, and more importantly, what we can learn from it.

What even is ransomware?

According to Wikipedia, ransomware is “a type of malware that threatens to publish the victim’s data or block access to it unless a ransom is paid”, hence the name. That ransom usually comes in the form of bitcoin or other cryptocurrencies. Which makes perfect sense if you prefer not to be tracked.

Bitcoin is often expected to decrypt ransomware attacks

It appears that Canon got threatened with both of those scenarios. The full double whammy. A group calling itself Maze is claiming to have stolen 10 terabytes of data and have encrypted numerous files on Canons systems. Let’s not beat around the bush. Ransomware is a scam and the attackers are nothing more than scammers trying to make an easy buck.

I don’t want to, and also can’t go too far into what happened to Canon. Mainly because the details are still unravelling, and I don’t want to give away any false information. It is entirely possible that Canon will have to pony up to get their data back.

In the case of Garmin, they reportedly ended up paying the multi-million ransom to decrypt the data. It was either that or losing a bunch of customers and risking being sued. As Garmin stores a lot of health-related data and data on when their users are out running or biking, it must have been an especially tricky situation for them.

Ransomware targets everyone, even you

Ransomware scams aren’t just aimed at large companies such as Garmin and Canon (or more recently, Manchester United). The payoff is obviously a lot higher if you can take out a multinational company, but there’s also money to be made from scamming individuals. Especially if you can infect many computers in one go, as was seen with the WannaCry attack.

WD 5TB My Passport Portable External Hard Drive HDD, USB 3.0, USB 2.0 Compatible, Black - WDBPKJ0050BBK-WESN
Seagate Backup Plus 5TB Portable Hard Drive with Rescue Data Recovery Services
LaCie Rugged USB-C 5TB External Hard Drive Portable HDD – USB 3.0, Drop Shock Dust Rain Resistant Shuttle Drive, for Mac and PC Computer Desktop Workstation Laptop, 1 Month Adobe CC (STFR5000800)
Toshiba Canvio Advance 4TB Portable External Hard Drive USB 3.0, Black - HDTCA40XK3CA
Product
WD My Passport Ultra
Seagate Backup Plus Portable
LaCie Rugged
Toshiba Canvio Advance
Capacity
4 TB
5 TB
5 TB
4 TB
Interface
USB 3.1 (USB-C)
USB 3.0 (USB-C)
USB 3.0 (USB-C)
USB 3.0
Hard drive rotational speed
5400 RPM
5400 RPM
5400 RPM
5400 RPM
Size
110x82x21 mm (‎4.33x3.21x0.83 in)
‎144.5x78x20.5 mm (4.51x3.07x0.81 in)
26x86x135 mm (1.02x3.39x5.32 in)
109x79x20 mm (4.3x3.1x0.77 in)
Weight
232 g (‎8.2 Ounces)
247 g (‎8.7 ounces)
399 g (14.1 ounces)
218 g (7.68 ounces)
Price
$119.99
$159.48
$179.00
$87.99
-
WD 5TB My Passport Portable External Hard Drive HDD, USB 3.0, USB 2.0 Compatible, Black - WDBPKJ0050BBK-WESN
Product
WD My Passport Ultra
Capacity
4 TB
Interface
USB 3.1 (USB-C)
Hard drive rotational speed
5400 RPM
Size
110x82x21 mm (‎4.33x3.21x0.83 in)
Weight
232 g (‎8.2 Ounces)
Price
$119.99
Seagate Backup Plus 5TB Portable Hard Drive with Rescue Data Recovery Services
Product
Seagate Backup Plus Portable
Capacity
5 TB
Interface
USB 3.0 (USB-C)
Hard drive rotational speed
5400 RPM
Size
‎144.5x78x20.5 mm (4.51x3.07x0.81 in)
Weight
247 g (‎8.7 ounces)
Price
$159.48
-
LaCie Rugged USB-C 5TB External Hard Drive Portable HDD – USB 3.0, Drop Shock Dust Rain Resistant Shuttle Drive, for Mac and PC Computer Desktop Workstation Laptop, 1 Month Adobe CC (STFR5000800)
Product
LaCie Rugged
Capacity
5 TB
Interface
USB 3.0 (USB-C)
Hard drive rotational speed
5400 RPM
Size
26x86x135 mm (1.02x3.39x5.32 in)
Weight
399 g (14.1 ounces)
Price
$179.00
Toshiba Canvio Advance 4TB Portable External Hard Drive USB 3.0, Black - HDTCA40XK3CA
Product
Toshiba Canvio Advance
Capacity
4 TB
Interface
USB 3.0
Hard drive rotational speed
5400 RPM
Size
109x79x20 mm (4.3x3.1x0.77 in)
Weight
218 g (7.68 ounces)
Price
$87.99

These scams started appearing in 2012 and despite taking a dip in 2016 and 2017 they’ve been back with a vengeance since 2018. Ransomware doesn’t exclusively target computers any more, and there have been cases of ransomware on iPhones and Android phones.

Prevention is key

As with any type of malware, prevention is the best way of avoiding these types of scams. Don’t open any email attachments from unknown senders, don’t download and install pirated software, and don’t click on random links you might see on the web. And it goes without saying that you should always keep your operating system and anti-virus up to date.

You don’t even have to pay for anti-virus software any more, as Windows Security is actually pretty decent and almost certainly already installed on your system. That is, if you aren’t a Mac user. And yes, Macs can also be infected with ransomware, but their occurrence is much rarer. And as I’ve not used any Apple products for the past decade, I’m not in the position to give you any advice on how to avoid malware on macOS.

But even if you follow these rules, you might be at risk. The WannaCry worm which made headlines for affecting the NHS, among others, travelled across networks without any user interaction. Basically, we’re all at risk, all the time.

What ransomware does to your data

So, what does ransomware do to your computer when it’s infected? Ransomware will go through all of your files and encrypt everything. Alongside your now encrypted files, you will generally find a text or HTML file telling you to pay a certain number of bitcoin into a certain account belonging to the attacker. Once the ransom has been paid, you will generally receive the key to decrypt your files.

Ransomware encrypting photographs

Either that, or the ransomware will steal all of your data and upload it to the attacker’s system. In that case, they will threaten to publish the data if you don’t pay up. But it’s generally the former option which is meant when speaking of ransomware. Having ransomware encrypt a victim’s data is much more efficient than uploading it all to a server.

Ransomware could destroy your photography business

In terms of photography, this could obviously be devastating. Image all of your photos from your travels, photos of your kids growing up, and all of your memories stored as images suddenly being inaccessible. And that is why many end up paying the ransom. So many of our memories are stored digitally on computers.

WD 18TB My Book Desktop External Hard Drive, USB 3.0, External HDD with Password Protection and Backup Software - WDBBGB0180HBK-NESN
WD 36TB My Book Duo Desktop RAID External Hard Drive HDD, USB 3.1 Gen-1 Ready, USB 3.0 Compatible - WDBFBE0360JBK-NESN
Seagate (STEB6000403) Expansion Desktop 6TB External Hard Drive HDD – USB 3.0 For PC Laptop
SanDisk Professional 18TB G-DRIVE Enterprise-Class Desktop Hard Drive HDD, Ultrastar Drive Inside, Up to 195MB/s, USB-C (5Gbps), USB 3.2 Gen 1 - SDPH91G-018T-NBAAD
LaCie d2 Professional 14TB External Hard Drive Desktop HDD – Thunderbolt 3 USB-C USB 3.0, 7200 RPM Enterprise Class Drives, for Mac and PC Desktop, 1 Month Adobe CC (STHA14000800)
Product
WD My Book Desktop
WD My Book Duo
Seagate Expansion Desktop
SanDisk Professional G-Drive
LaCie d2 Professional
Capacity
18 TB
2 * 18 TB
14 TB
18 TB
14 TB
Interface
USB 3.0
USB 3.1
USB 3.0
USB 3.2 Gen 1 (USB-C)
USB 3.0 (USB-C)
Size
140x48x170 mm (5.5x1.9x6.7 in)
160x100x180 mm (‎6.3x3.94x7.09 in)
176x120x37 mm (6.93x4.75x1.44 in)
196x129x35 mm (7.72x5.06x1.39 in)
188x60x130 mm (7.42x2.36x5.12 in)
Weight
1.3 kg (‎2.86 lbs)
3.2 kg (‎7.06 lbs)
948 g (2.09 lbs)
1.1 kg (2.38 lbs)
1.4 kg (3.09 lbs)
Price
$359.95
$2,378.50
$177.77
$549.99
$444.27
-
-
WD 18TB My Book Desktop External Hard Drive, USB 3.0, External HDD with Password Protection and Backup Software - WDBBGB0180HBK-NESN
Product
WD My Book Desktop
Capacity
18 TB
Interface
USB 3.0
Size
140x48x170 mm (5.5x1.9x6.7 in)
Weight
1.3 kg (‎2.86 lbs)
Price
$359.95
-
WD 36TB My Book Duo Desktop RAID External Hard Drive HDD, USB 3.1 Gen-1 Ready, USB 3.0 Compatible - WDBFBE0360JBK-NESN
Product
WD My Book Duo
Capacity
2 * 18 TB
Interface
USB 3.1
Size
160x100x180 mm (‎6.3x3.94x7.09 in)
Weight
3.2 kg (‎7.06 lbs)
Price
$2,378.50
-
Seagate (STEB6000403) Expansion Desktop 6TB External Hard Drive HDD – USB 3.0 For PC Laptop
Product
Seagate Expansion Desktop
Capacity
14 TB
Interface
USB 3.0
Size
176x120x37 mm (6.93x4.75x1.44 in)
Weight
948 g (2.09 lbs)
Price
$177.77
SanDisk Professional 18TB G-DRIVE Enterprise-Class Desktop Hard Drive HDD, Ultrastar Drive Inside, Up to 195MB/s, USB-C (5Gbps), USB 3.2 Gen 1 - SDPH91G-018T-NBAAD
Product
SanDisk Professional G-Drive
Capacity
18 TB
Interface
USB 3.2 Gen 1 (USB-C)
Size
196x129x35 mm (7.72x5.06x1.39 in)
Weight
1.1 kg (2.38 lbs)
Price
$549.99
LaCie d2 Professional 14TB External Hard Drive Desktop HDD – Thunderbolt 3 USB-C USB 3.0, 7200 RPM Enterprise Class Drives, for Mac and PC Desktop, 1 Month Adobe CC (STHA14000800)
Product
LaCie d2 Professional
Capacity
14 TB
Interface
USB 3.0 (USB-C)
Size
188x60x130 mm (7.42x2.36x5.12 in)
Weight
1.4 kg (3.09 lbs)
Price
$444.27

For businesses, this could, of course, be even more devastating. As already mentioned, Garmin reportedly had to pay millions to get their data back. Other companies have gone into administration as a consequence of such an attack. If you’re a professional photographer, you could easily lose your livelihood to ransomware.

The 3-2-1 backup strategy

Instead of facing the risk of having to pay scammers because they really don’t deserve it, you should be using a solid backup strategy that allows you to continue working as soon as possible. The easiest starting off point is the 3-2-1 backup strategy.

3-2-1 means you have three copies of every file. Two of those copies are kept locally but on different devices, for example on an Unraid NAS. The final copy is kept offsite. Having two copies of your data onsite is great in the case of a hard drive failure or just general damage to your computer. Furthermore, were you to become a victim of ransomware, you could rest assured that you have another copy of all your files hidden away safely on another device. Having a copy of your data easily and readily accessible allows you to continue working in the case of any failures or attacks. Copying something locally will almost always be faster than downloading large datasets from the cloud.

3-2-1 backup in practice

Let’s say you have all of your photographs stored locally on your computer. That would be the first copy of your files. The second copy has to be a different device. So, you don’t want to keep them on a second hard drive inside your computer. If that computer was to get infected with ransomware, that drive would obviously also be affected. The same goes for external drives. If you keep them connected to your computer 24/7 it will be at risk. If you do opt for an external hard drive, make sure you only ever connect it to your computer when backing up. The easiest way of keeping that device safe is simply unplugging it when it isn’t in use.

It goes without saying that you should also keep a backup of your Lightroom Classic catalog on that external drive. Because Lightroom Classic doesn’t actually edit your raw files. That is if you use Lightroom Classic, of course.

A NAS is another popular backup medium. I personally use an Unraid NAS I built myself. But if you do use a NAS and permanently have it connected using a network share, it will very possibly be at the same risk level as any internal drive would be. That is why backup tools such as Bvckup 2 allow you to authenticate from within the app itself. That way, the network drive isn’t permanently connected.

Why you want an offsite copy

As mentioned, local copies are great if you need to gain access to your data quickly. But because local copies are generally stored in the same building they are equally at risk from natural disasters such as floods and fires, as well as theft. If you use an external hard drive to back up your files, you’re probably going to leave it sitting on top of your computer or on your desk. And if your computer gets nicked, I’m confident the external drive would disappear along with it. And that is why the final copy, which is stored offsite, is essential.

That offsite location could, but doesn’t have to be, a cloud storage provider. You could go with Backblaze, Google Drive, Dropbox, or any other provider. Another, potentially cheaper possibility would be an external drive which isn’t stored in the same four walls as the other two devices. Cloud backup services are certainly easier. Using an external drive would require you to get the external drive, bring it home, backup the data, and bring it back again. But it could end up being the cheaper option.

About Liam Alexander Colman

I first heard of Unraid through the same medium as many of us did: The Linus Tech Tips channel on YouTube. At the time, I was running TrueNAS (or FreeNAS as it was called back then) on my DIY NAS built using a dual-core Intel Pentium G4400 at its heart. I was convinced, I had chosen the better operating system. After all, it was free and open-source and had a large community behind it. One day, after once again facing the need to buy another three hard drives, I seriously started researching Unraid and its features. I bit the bullet and gave it a go, transferring my data on to external hard drives that I later shucked and added to the Unraid array. Since that day, I have not looked back once, and I am now an enthusiastic and experienced user of Unraid. You can find out more about Unraid Guides right here.

Leave a comment