Question - Can ransomware write to an unmounted drive? I have in the last week started to turn off my HD docks but I'm not sure if just turning them off is enough? Turning off removes the Windows drive letter. Is this ok, or should I just remove the drive from the dock? I was playing with Partition Wizard a couple of days ago and from what I remember, it was partitioning while my drive was not mounted, meaning a hacker could also, yes/no?? Also remember, in Disk Management drives can also be seen without being mounted (without drive letters).
I have wondered similar things. One option I was thinking about was to backup to NAS that was under control from of the backup software. For example, the backup software would execute a command on the NAS to power down when the backup was done. Then when the next backup was scheduled, a program would be run that would command a network relay to cycle power and force the NAS to start. Of course there is no end to this. The backup software could send a command to the NAS to mark completed backup files as read only, and on and on....