Nextcloud is not only a great collaboration platform. It is also an effective tool against ransomware!
Ransomware is rapidly becoming more dangerous, with targeted and untargeted attacks rising 7 times compared to 2019, as ZDnet recently reported. Each attack can require payment of hundreds of thousands of dollars, but besides those direct costs, the disruption to work that organizations experience is massive.
A file sync solution can help protect from Ransomware attacks in two ways.
1. Detect attacks
Notification of potential ransomware
Many ransomware solutions change the extensions of files they encrypt, or add very specifically named files like your_files_are_encrypted_read_this.txt. Nextcloud can keep a list of such names and extensions. When they are found upload can be blocked and users and admins can be warned. This is indeed what our Ransomware Protection app does. Admins can modify the checklist to ensure it is always up to date, but we make sure that new versions of the app also include updated ransomware extension lists. You can find the app in our app store
Admin configuration
2. Allow data recovery
Modern ransomware is hard to recover from. A time-based backup is sadly not sufficient, as the ransomware takes its time to encrypt files and usually waits with encrypting recently used files until the last moment, delaying discovery. This means that putting back a full backup from the moment of discovery will not work – one has to go back days or weeks to get back the earliest encrypted files. And that means all work done for days or weeks would be lost.
What is needed is for each file to determine when it was infected and recovering just the version before it. Nextcloud uniquely offers this capability with the Ransomware Recovery app, developed by the University of Konstanz in Germany. It uses entropy analysis to detect when files were encrypted and offers one-click recovery, bringing each individual file back to just before it got encrypted. The best part is that the app can even be installed AFTER the infection took place and still recover data, analyzing the version information in Nextcloud.
Nextcloud offers the most advanced security technology in the on-premises content collaboration market and our ransomware protection and recovery tools are a part of that protection offered. Of course, ransomware attacks are multi-faceted and especially in cases of targetted attacks, one can expect the attackers to try and circumvent the protections in place in an organization. We therefore certainly recommend customers to also employ other active and passive measures, like using our anti-virus scanner (which optionally can use an on-premises Kaspersky anti-virus scan server).
Nextcloud Hub 9 te permite estar conectado. Descubre nuevas funciones de federación, automatización del flujo de trabajo, una gran revisión del diseño y mucho más en tu plataforma de colaboración de código abierto favorita.
Maintenance updates 28.0.11 and 29.0.8 for Nextcloud Hub 7 and 8 respectively are here! Read an update summary and access full changelog on the website.
Welcome the new sponsor of Nextcloud Enterprise Day 2024 — OVHcloud. A pioneer of the European cloud service industry, OVHcloud is committed to open source standards and provides the means to reach true digital sovereignty for businesses and public sector globally.
Guardamos algunas cookies para contar los visitantes y facilitar el uso del sitio. Esto no sale de nuestro servidor y no es para rastrearte personalmente. Consulta nuestra política de privacidad para obtener más información. Personalización
Las cookies estadísticas recopilan información de forma anónima y nos ayudan a comprender cómo utilizan nuestro sitio web nuestros visitantes. Utilizamos Matomo alojado en la nube.
Matomo
_pk_ses*: Cuenta la primera visita del usuario
_pk_id*: Ayuda a no contar dos veces las visitas.
mtm_cookie_consent: Recuerda que el usuario ha dado su consentimiento para almacenar y utilizar cookies.
_pk_ses*: 30 minutos
_pk_id*: 28 días
mtm_cookie_consent: 30 días