Nextcloud is not only a great collaboration platform. It is also an effective tool against ransomware!
Ransomware is rapidly becoming more dangerous, with targeted and untargeted attacks rising 7 times compared to 2019, as ZDnet recently reported. Each attack can require payment of hundreds of thousands of dollars, but besides those direct costs, the disruption to work that organizations experience is massive.
A file sync solution can help protect from Ransomware attacks in two ways.
1. Detect attacks
Notification of potential ransomware
Many ransomware solutions change the extensions of files they encrypt, or add very specifically named files like your_files_are_encrypted_read_this.txt. Nextcloud can keep a list of such names and extensions. When they are found upload can be blocked and users and admins can be warned. This is indeed what our Ransomware Protection app does. Admins can modify the checklist to ensure it is always up to date, but we make sure that new versions of the app also include updated ransomware extension lists. You can find the app in our app store
2. Allow data recovery
Modern ransomware is hard to recover from. A time-based backup is sadly not sufficient, as the ransomware takes its time to encrypt files and usually waits with encrypting recently used files until the last moment, delaying discovery. This means that putting back a full backup from the moment of discovery will not work – one has to go back days or weeks to get back the earliest encrypted files. And that means all work done for days or weeks would be lost.
What is needed is for each file to determine when it was infected and recovering just the version before it. Nextcloud uniquely offers this capability with the Ransomware Recovery app, developed by the University of Konstanz in Germany. It uses entropy analysis to detect when files were encrypted and offers one-click recovery, bringing each individual file back to just before it got encrypted. The best part is that the app can even be installed AFTER the infection took place and still recover data, analyzing the version information in Nextcloud.
Nextcloud offers the most advanced security technology in the on-premises content collaboration market and our ransomware protection and recovery tools are a part of that protection offered. Of course, ransomware attacks are multi-faceted and especially in cases of targetted attacks, one can expect the attackers to try and circumvent the protections in place in an organization. We therefore certainly recommend customers to also employ other active and passive measures, like using our anti-virus scanner (which optionally can use an on-premises Kaspersky anti-virus scan server).
With rising concerns over data privacy and new regulations, Governments are increasingly moving away from foreign cloud providers. The best solution for governments is to be digitally sovereign, or in other words, have control over your digital destiny. Nextcloud offers government the most ideal package – a self-hosted, private cloud solution that’s under your full […]
Nextcloud Enterprise Day is soon here and we have an amazing lineup of speakers providing insightful talks! One of those speakers is George Imrie from Nextcloud customer T-Systems – Deutsche Telekom’s business-customer IT affiliate. T-Systems is a digital transformation specialist, with operations in 20 countries worldwide.In preparation for their talk at the Nextcloud Enteprise Day […]
Last week, Nextcoud CEO Frank Karlitschek appeared on one of Germany’s biggest public service TV broadcaster’s: ZDF. Watch the news item by ZDF here. Interviewed in Nextcloud’s Berlin office, Frank explains the challenge the company faces up against big tech giants like Google and Microsoft. “That’s all very difficult for us, due to the fact […]