Backups against ransomware attacks

by Manfred Wöller

Publication date

What to do if you have caught ransomware, your hard drive data has been encrypted and a ransom is being demanded for its release?

Either you pay the extortionist sum X in the form of bitcoins or you give him the finger and invest your money in a new hard drive and the restoration of your data from a backup.

The second option, however, requires that you have operated a sensible backup strategy in advance.

Backups - priority 1

Making regular backups should be a natural habit and automatic. But time and again, damage must first occur before you finally become aware of it. By the way, backups not only protect against the consequences of ransomware attacks, but also fundamentally against data loss, as can also happen, for example, when a hard drive smokes.

But a simple data backup is not enough, although that is a good start. In the event of a ransomware attack, the entire system must be rebuilt. If you have only saved the data, this probably means a lot of work. It would be easier to back up not only the data, but also the operating system with system settings and all the applications. If you can find out when exactly the infection happened, look in the timestamps, pick a time before that and perform a restore. All of this is best done right away with a new hard drive, just to be on the safe side.

Sounds good, but what exactly to do?

I have deliberately avoided technical details and explanations of the various backup strategies and recovery measures (disaster recovery). Why? Because there is no blanket and optimal solution.

Invite us to your premises for a workshop. We'll let you show us your IT and explain your ways of working, and then we can analyze which variants suit you best.


No one should work without backups anymore. However, to safely protect yourself from data loss, it takes more than just storing your files on an external hard drive. A data backup concept is needed.