Question Can ransomware encrypt my onedrive data on Microsoft's servers?

singletond

Distinguished
Mar 7, 2013
6
0
18,510
0
On my Win10 the C:\ drive holds my data under \users\username and a subset of that data under \onedrive. And Microsoft stores a copy of my local \onedrive on it servers.

A ransomware attack could encrypt all my systems local data. However I am told that it would be unable to encrypt the copy of onedrive on Microsoft's servers.

Is that true?

And how does Microsoft achieve that?

Dave
 

singletond

Distinguished
Mar 7, 2013
6
0
18,510
0
Told by whom?

Anything the PC natively sees is liable to get ransomed.
When I look at file manager and access onedrive there I am accessing the \onedrive directory under \users. When i access it on the web it is via www.onedrive.live.com (not my local drive) I am trying understand how Msft copies my onedrive from C:\, then protects its copy from ransomware. But permits me to change it (via change to C:\).
Any ideas?
 

Bob.B

Prominent
Feb 8, 2021
878
107
590
12
On my Win10 the C:\ drive holds my data under \users\username and a subset of that data under \onedrive. And Microsoft stores a copy of my local \onedrive on it servers.

A ransomware attack could encrypt all my systems local data. However I am told that it would be unable to encrypt the copy of onedrive on Microsoft's servers.

Is that true?

And how does Microsoft achieve that?

Dave
Look at it this way.
If it's connected in ANY way it's vulnerable.
 

singletond

Distinguished
Mar 7, 2013
6
0
18,510
0
And any ransomware problems are likely all on you anyway:

https://www.microsoft.com/en-us/servicesagreement

Read "Warranties" (12.) and "Limitation of Liability" (13.)

(Actually reading the entire agreement is quite enlightening. I am not a lawyer so my comment is purely subjective.)

Backups, Backups, Backups.......
Just read the Warranties and Limitations of Liability sections: Fascinating.
Reminds me that a while back (at Broadwing/Level3 I think) a colleague (on the consulting side) was talking to a guy from the network side. The network guy said that when a customer asked for a high service level, they always agreed and just built in the penalties for non-performance into the customers contract price. Quite an eye opener to me back in those days.
 

OrlyP

Proper
Aug 20, 2020
211
37
140
5
Windows 10 has a built-in ransomware protection for OneDrive accounts... Windows Security > Virus and threat protection > Ransomware protection.

This is but just another layer of protection and it's never a guarantee that you're 100% protected. Always use common sense and best practices... ie. Be careful about the files you open or run.... and do regular backups.

Ransomware typically attacks the local and possibly any attached network storage. It may not have direct access to your files on the OneDrive cloud but the local copies can get encrypted and replicated to their cloud copies. I think this is where the Ransomware protection mechanism in Windows 10 comes in. My take is that, if it detects unusual activities on the local copies of your OneDrive files, it warns you about it and lets you restore your files using the copies from the cloud. https://support.microsoft.com/en-us/office/ransomware-detection-and-recovering-your-files-0d90ec50-6bfd-40f4-acc7-b8c12c73637f
 

ASK THE COMMUNITY

TRENDING THREADS