Ge­nius Tips

Howard Oak­ley solves Mac and iOS is­sues

Mac Format - - CONTENTS - by JohnVar­coe

QMy Mac backs up to four places: a lo­cal Time Ma­chine backup, a NAS, Drop­box, and each month to an ex­ter­nal disk. If at­tacked by ran­somware, would those be at risk?

AMuch de­pends on how well writ­ten the ran­somware is, and what vul­ner­a­bil­i­ties it ex­ploits. Ran­somware typ­i­cally starts en­crypt­ing lo­cal stor­age. Be­cause macOS has Sys­tem In­tegrity Pro­tec­tion (SIP), sys­tem files and bun­dled apps can’t nor­mally be en­crypted be­cause of that. It’s thus most likely to start with your Home folder; if that’s large, it could take hours to en­crypt com­pletely.

SIP only pro­tects startup volume, so even­tu­ally the ran­somware could get to en­crypt your back­ups, when they’re mounted. With mul­ti­ple back­ups, that’s un­likely to hap­pen be­fore it an­nounces its pres­ence, or you de­tect it. When your monthly drive isn’t con­nected, mal­ware can’t at­tack it, mak­ing it a valu­able part of your pro­tec­tion strat­egy.

Al­though anti-virus prod­ucts nor­mally in­cor­po­rate checks and sig­na­tures once mal­ware has been iden­ti­fied by re­searchers, most can’t of­fer good pro­tec­tion un­til the mal­ware is known.

Generic tech­niques are the only means of pro­tec­tion from un­known mal­ware: Ob­jec­tive-See’s Ran­somWhere? from ob­jec­tivesee_ran­somware uses a generic ap­proach and should warn you very early if ran­somware starts en­crypt­ing your files.

Con­ven­tional anti-virus prod­ucts should pro­tect from known ran­somware, but you need pro­tec­tion like Ran­somWhere? to de­tect sus­pi­cious ac­tiv­ity.

EXPER T AD VICE Our res­i­dent ge­nius solves your Mac and iOS prob­lems

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.