In January 2021, reports surfaced of a backup-busting ransomware strain called Deadbolt, apparently aimed at small businesses, hobbyists, and serious home users.
As far as we can see, Deadbolt deliberately chose a deadly niche in which to operate: users who needed backups and were well-informed enough to make them, but who didn’t have the time or funds to give their backup routine the attention it really deserved.
Many ransomware attacks unfold with cybercriminals breaking into your network, mapping out all your computers, scrambling all the files on all of them in unison, and then changing everyone’s wallpaper to show a blackmail demand along the lines of, “Pay us $BIGVAL and we’ll send you a decryption key to unlock everything.”
Deadbolt, ignores the desktops and laptops on your network, instead of finding and attacking vulnerable network-attached storage (NAS) devices directly over the internet.
What to do?
1.Don’t rely on automatic patching working every time. Whether it’s a NAS device, your mobile phone, a smart TV or a laptop, don’t simply “set and forget” automatic updates. Regularly verify that any updates you do receive, whether they’re forced on you, automatically fetched or manually requested, have gone through correctly.
2.Don’t rely entirely on online backups. Along with any online backups such those made to connected NAS units, you should also maintain an offline backup that can’t be wiped out automatically in a cyberattack.
When it comes to backups, you might find the “3-2-1 rule” handy.
full article: https://nakedsecurity.sophos.com/2022/03/23/serious-security-deadbolt-the-ransomware-that-goes-straight-for-for-your-backups/