Automating backups isn’t hard at all. I have an anacron job (actually a LaunchAgent on this Mac) that runs rdiff-backups over a keypair ssh connection to a remote host. (That’s rsync-based so it’s not the cleverest about what to increment — if you move an otherwise-unchanged file to a different directory it’ll push the whole file again instead of just updating the reference, but as long as it’s not something massive that’s not a big problem. Any big db would have its own backup routine anyway.)
As far as the encryption end, it shouldn’t be all that hard to implement something that hooks into the save-file routine to automatically reëncrypt. I’d be surprised if something like that didn’t already exist. Or maybe be able to flag a folder as Always Encrypted and then a daemon watches its contents for changes? I may not actually know what I’m talking about.
I’m not sure what’s happened in this case, but in the case of CryptoLocker (last year’s variant) they got hold of CryptoLocker’s infrastructure and reverse engineered their malware to get at its keys.
I believe incremental backups are a pretty safe protection for this, unless it’s done automatically by a NAS or server. The reason being that if you are hit, everything, including the incremental backup uploading tool, is disabled.
The other thing I heard that is an effective way to mitigate this is by running as a user that does not have Administrator privileges. If you don’t have admin rights the program cannot run by itself.
Hell, we had a better privilege/permissions model in VMS in 1986. And in Novell NetWare, for that matter, in the 90s. chmod is paleolithic; only Windows (with its lack of distinction between user and system space) and OS390/MVS are worse.
Well, Dave Cutler was not happy with the NT final architecture. It did use his queued I/O and large memory block relocation stuff, but after WNT came out he went on extended “vacation” and the rumor is that MS had to beg on bended knee to get him to come back to the shop.