I spent last Tuesday negotiating with a criminal syndicate based in Eastern Europe. They weren’t asking for a hostage exchange or a briefcase full of cash. They were asking for 0.5 Bitcoin because they had encrypted the laptop of a freelance photographer in Seattle.
She was crying on the other end of the line. Her entire portfolio (weddings, newborn shoots, commercial projects) was gone. Locked behind a military-grade encryption key. She had an antivirus. She had a firewall. She even had her files in OneDrive.
It didn’t matter.
If you live in North America, Europe, or Australia, you need to understand something about the modern internet: You are a whale. To a hacker sitting in a basement in a non-extradition country, your digital life is worth a year’s salary. They don’t want to steal your identity; that takes too much work. They want to hold your memories hostage because they know you’ll pay to get them back.
And the terrified photographer asking me if she should mortgage her car to pay the ransom? She made the same mistake everyone makes. She thought “Syncing” was “Backing Up.”
Here is the brutal truth about how to actually protect yourself, from someone who cleans up the mess after the red screen appears.
The Great “Cloud Sync” Lie
We need to kill this myth immediately. Dropbox, Google Drive, OneDrive, and iCloud are not backup services.
They are synchronization services. Their job is to mirror exactly what is on your computer.
Think about the mechanics of a ransomware attack. You click a bad link. A script runs. It renames Wedding_Photo.jpg to Wedding_Photo.jpg.encrypted. Your Google Drive app sees this change. It thinks, “Oh, the user modified this file! I should update the cloud version immediately.” Within seconds, the cloud syncs the encrypted garbage file, overwriting the good version on the server. The ransomware effectively uses your own cloud tool to destroy your safety net.
Yes, some of these services have “Version History,” but have you ever tried to roll back 50,000 files one by one using a web interface? It is a special kind of purgatory. You need a dedicated tool that moves data in one direction only: away from the danger.
The “Air Gap”: The Only Defense That Works
In the cybersecurity industry, we talk about the “Air Gap.” It sounds fancy, but it just means “a gap of air between your data and the internet.”
Ransomware is smart. It scans your local network. If you have a fancy NAS (Network Attached Storage) drive permanently connected to your Wi-Fi, the virus will find it and encrypt it too.
The best defense for a home user costs about $60. Go to a store. Buy a rugged, external USB hard drive (WD, Seagate, LaCie; it doesn’t matter). Once a week, maybe Sunday night while you’re dreading Monday morning, plug it in. Run a backup. Then unplug it.
Put it in a drawer. Put it in a fireproof box. Give it to your neighbor. If a hacker gains total control of your PC on Wednesday, they cannot touch the drive sitting in your desk drawer. You cannot hack a cable that isn’t plugged in. It is physically impossible. This is your “Go Bag.” If the house burns down (digitally speaking), you grab this drive and walk away.
The 3-2-1 Rule (The Boring Standard)
If you want to be bulletproof, you follow the rule that every IT admin in London, New York, and Sydney has tattooed on their brain: 3-2-1.
- 3 Copies of your data. (The live one on your laptop, plus two backups).
- 2 Different Media types. (Don’t put both backups on USB sticks from the same batch).
- 1 Copy Offsite.
The “Offsite” part is crucial. If someone breaks into your house and steals your laptop and your backup drive, you are at zero. For users in the US and Europe with decent upload speeds, use a dedicated cloud backup service like Backblaze or Carbonite. These aren’t like Dropbox. They run quietly in the background, backing up everything. Crucially, they allow you to order a physical hard drive via mail if you need to restore everything at once.
For my friends in Australia or rural areas where upload speeds are tragic: Use the “Mom Strategy.” Buy two hard drives. Keep one at your house and one at your mom’s house. Swap them every time you visit for dinner. It’s low-tech, but it works.
The “Restore Drill”
Here is the part nobody does. Schrödinger’s Backup states: The condition of any backup is unknown until a restore is attempted.
I once consulted for a law firm that changed backup tapes every night for five years. When they finally crashed and needed to restore, they found out the tape drive had been broken since 2018. They had five years of blank tapes.
Don’t let that be you. Once a month, plug in your backup drive. Pick a random photo from three years ago. Try to open it. Does it open? Good. Does it say “Corrupted”? Throw the drive in the trash and buy a new one. Hard drives are not heirlooms; they are fragile spinning rust. They die. Expect them to die.
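Opening one photo by hand checks one file. The script below is an added example, not something from the original article, that automates the same drill: it records a SHA-256 manifest on the drive when the backup finishes, then later copies a random sample of files off the drive and compares each against the manifest. The manifest file name and the function names are assumptions made for this illustration.

```python
import hashlib, json, random, shutil, tempfile
from pathlib import Path

MANIFEST = "manifest.json"  # hypothetical file name, kept on the backup drive

def sha256(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def write_manifest(backup_root):
    """Run right after the backup finishes, before unplugging the drive."""
    root = Path(backup_root)
    entries = {p.relative_to(root).as_posix(): sha256(p)
               for p in sorted(root.rglob("*"))
               if p.is_file() and p.name != MANIFEST}
    (root / MANIFEST).write_text(json.dumps(entries, indent=1))
    return len(entries)

def restore_drill(backup_root, sample_size=20, seed=None):
    """Copy a random sample off the drive and compare against the manifest."""
    root = Path(backup_root)
    entries = json.loads((root / MANIFEST).read_text())
    picked = random.Random(seed).sample(sorted(entries), min(sample_size, len(entries)))
    failures = []
    with tempfile.TemporaryDirectory() as scratch:
        for rel in picked:
            restored = Path(scratch) / "restored.bin"
            try:
                shutil.copyfile(root / rel, restored)  # the actual restore
                if sha256(restored) != entries[rel]:
                    failures.append((rel, "hash mismatch"))
            except OSError as exc:  # missing file, unreadable sector, dead drive
                failures.append((rel, type(exc).__name__))
    return picked, failures

def demo():
    """Constructed sample: a fake 'drive' with one silently damaged file."""
    with tempfile.TemporaryDirectory() as drive:
        for i in range(5):
            (Path(drive) / f"photo_{i}.jpg").write_bytes(b"constructed image %d" % i)
        write_manifest(drive)
        (Path(drive) / "photo_3.jpg").write_bytes(b"bit rot")  # simulate decay
        return restore_drill(drive, sample_size=5)[1]

if __name__ == "__main__":
    print(demo())
```

The manifest is computed from the backup copy itself, so the drill catches decay and unreadable files after the backup was made, not a file that was already damaged when it was copied. Any entry in the failure list is the signal the paragraph above describes: replace the drive.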
The photographer I mentioned earlier? She didn’t pay the ransom. She couldn’t afford it. She lost five years of work. Her reputation took a massive hit.
Don’t rely on luck, and don’t rely on Windows Defender. Ransomware is an industry. It has customer support hotlines. It has R&D departments. They are professionals. The only way to beat a professional is to be prepared. Go buy the $60 drive. Plug it in. Copy your life onto it. And then, most importantly, pull the plug.