You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Is Dropbox a safe haven from ransomware?
1) If my local computer and presumably my local network drive were to be encrypted by a ransomware attack, would my Dropbox files also be encrypted?
2) Or is Dropbox a safe place place for my files in such a situation?
3) If not, what procedures (details please) are available to retrieve files that existed before the attack?
- Rich
Super User II
They should just add a notification for suspicious activity (ie: all files were changed within an hour
When a crypto attack takes place, the files are usually renamed. Dropbox sees this as a delete and an add (original file is deleted and the encrypted version is added). When it sees that a large number of files have been deleted it will send you an email notification, assuming you have that option enabled on your Account page. Look for the Email notifications section on the bottom left.
- Rich
1) If you have files in your local Dropbox folder they would become encrypted as well. If you then have the Dropbox software running, those files would then sync to the cloud and any other devices you have.
2) No place is safe once you're infected with ransomware. If the files are on your system they can be encrypted regardless of which service you're using.
3) See here:
https://www.dropbox.com/help/400
https://www.dropbox.com/help/296
https://www.dropbox.com/help/11 - Rich
1) When a file becomes encrypted and is synced to Dropbox, it is synced as a change, so the previous unencrypted version would be available for recovery.
2) If I had to guess, probably not, and it's not really their responsibility to do so (IMHO). Dropbox provides a file sync service; nothing more. Any antivirus, anti-malware, etc., is the responsibility of the end user. Protect your system and you won't have to worry about it.
- Rich
Dropbox already keeps all files for a period of 30 days, no extra costs involved, and you can request a rollback of your account to a point prior to the infection. An option for one year of recovery does cost extra, as you mentioned previously.
Oh cool, I didn't know that. They should just add a notification for suspicious activity (ie: all files were changed within an hour or 2) with a prompt to roll back your files/quarantine the encrypted ones for 30 days if desired. I may have to upgrade to Pro to protect my photos, Dropbox camera upload works so well!
(I missed the comment you had above Rich where you said "so the previous unencrypted version would be available for recovery")
- Rich
My computer is a Mac. It's immune from ransomeware.
No, it's not.
1) In case of ransomware encryption, are all--even older versions of--files encrypted. In other words, would there be an unencrypted backup version of my files on Dropbox from which I could restore even if some files had only the one version I originally stored on Dropbox? I'm trying to distinguish between frequently updated files where a recent version change has taken place (as I assume the instructions at https://www.dropbox.com/help/11 refer to), and static files that have not been updated in a long time.
2) is Dropbox working on a defense strategy against ransomware encryption?
Thanks for your advice.
It seems that if you pay for the Pro version they should provide protection against ransomware encryption.
It does look like the "extended version history" option may cover you in case of ransomware because all versions of files are kept for 1 year without counting toward your quota, but this option obviously adds a lot to the cost.
- Rich
It seems that if you pay for the Pro version they should provide protection against ransomware encryption.
How? Dropbox can't see that the files are encrypted (files uploaded to Dropbox are split into 4MB chunks), and even if it could, how could it differentiate between those encrypted by ransomware and those purposefully encrypted by the user?
Simply put, the security of your computer and the data stored on it is your responsibility. There are ways to protect your system from ransomware. Use them.
One option that comes to mind would be if Dropbox detects all files on the entire accoint have suddenly changed at once they could keep a backup of the old files for a week and notify the user of the suspicious activity. If the cost of this gives you heartache then they could add it as an option for an additional fee.
