Malware and local backups

Discussion in 'backup, imaging & disk mgmt' started by brians08, May 23, 2014.

Thread Status:
Not open for further replies.
  1. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    102
    For various reasons (topic for a different thread) I am having trouble setting up and maintaining network backup storage so I am saving backup images on local disks for now. I know this makes the backup more vulnerable to malware but not sure how much more.
    For example, I have set up Acronis TI to back up the system partition on a second partition on the disk. I found that I can remove all users except for System on this second partition and still have TI able to save images there.
    What I am hoping is that malware would be blocked from accessing the image files. I am running Windows 7 and typically operate in a restricted account so, in theory, any malware would not be able to read/write what is on the backup partition.
    I am particularly concerned about things like Cryptolocker that might try to prevent me from restoring an image file by encrypting or destroying it.
    Of course there is the Trojan Horse malware that could trick me into entering the admin password but I hope I am smart enough not to do that!
     
  2. Brian K

    Brian K Imaging Specialist

    Joined:
    Jan 28, 2005
    Posts:
    12,151
    Location:
    NSW, Australia
    brians08,

    You are a brave man with the backup on the same HD as the OS. What happens if the HD fails?

    I suggest creating your backups to two separate HDs. One internal and one external. Only connect the external HD during backup time.
     
  3. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    102
    I really just want to know whether to expect malware to be sophisticated enough to gain system permissions and access the restricted image files. Maybe I could remove all permissions then have a task scheduled that would add system permission during the backup window then remove it again when complete?

    That is not the only backup of the OS. I have 2 thumb drives in a drawer. One has a copy of the factory restore image and the other has the initial TI image after initial installs and configuration.
    What is on the second partition are the weekly rolling incremental backups. These exist for the purpose of recovery of software issues such as malware infection, new driver conflicts, etc...

    Yes, I would like to have a NAS to send these incrementals to but I have tried that and it didn't work. The NAS units that will work are out of my price range (cost more than the laptop I am protecting). Even then, these higher end NAS servers don't do everything. For example, I would like the server to sync with the backup schedule. I want a NAS that is locked down unless there is a backup occurring. It would unlock the storage disk 5 minutes before the scheduled backup and, when the backup was finished, would lock down again. Something like a time lock safe. I'm sure this could be done but would require a dedicated Linux server and many hours of configuration. Prohibitively expensive for me.
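
The permission scheme described in the posts above (SYSTEM-only access to the backup location, optionally granted only during the backup window) can be scripted as follows. This is an added example, not part of any post in the thread; the folder `D:\Images`, the function names and the Open/Close/Audit actions are assumptions, and an ACL like this only constrains code that is not running with administrative or SYSTEM rights.

```powershell
# Added example, not from the thread. Assumes Windows PowerShell, run elevated
# or as SYSTEM, and a backup folder owned by Administrators or SYSTEM.
param(
    [Parameter(Mandatory = $true)][ValidateSet('Open', 'Close', 'Audit')][string]$Action,
    [string]$BackupPath = 'D:\Images'   # hypothetical folder on the backup partition
)

$SystemSid = 'S-1-5-18'   # well-known SID of LocalSystem, identical on every locale
$folder = Get-Item -LiteralPath $BackupPath -ErrorAction Stop

function Set-BackupDacl([bool]$GrantSystem) {
    # Start from an empty DACL and block inheritance, so rights granted to
    # Users or Authenticated Users at the volume root do not reach the images.
    $acl = New-Object System.Security.AccessControl.DirectorySecurity
    $acl.SetAccessRuleProtection($true, $false)
    if ($GrantSystem) {
        $sid  = New-Object System.Security.Principal.SecurityIdentifier $SystemSid
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $sid, 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
        $acl.AddAccessRule($rule)
    }
    # Only the DACL was modified, so only the DACL is written; the owner is kept.
    $folder.SetAccessControl($acl)
}

function Get-UnexpectedAccess {
    # Report every Allow entry on the folder, or on anything below it that can
    # be enumerated, whose trustee is not SYSTEM.
    $children = @(Get-ChildItem -LiteralPath $BackupPath -Recurse -Force -ErrorAction SilentlyContinue)
    foreach ($item in (@($folder) + $children)) {
        $rules = $item.GetAccessControl('Access').GetAccessRules(
            $true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($r in $rules) {
            if ($r.AccessControlType -eq 'Allow' -and $r.IdentityReference.Value -ne $SystemSid) {
                New-Object PSObject -Property @{
                    Path = $item.FullName; Sid = $r.IdentityReference.Value; Rights = $r.FileSystemRights }
            }
        }
    }
}

switch ($Action) {
    'Open'  { Set-BackupDacl $true }    # SYSTEM only: the backup job can write
    'Close' { Set-BackupDacl $false }   # empty DACL: no trustee is granted access
    'Audit' { Get-UnexpectedAccess }
}
```

Two scheduled tasks running as SYSTEM, one calling `Open` before the backup window and one calling `Close` after it, give the time-lock behaviour; `Audit` run while the folder is open lists any file that still carries its own non-SYSTEM entry.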
     
  4. Brian K

    Brian K Imaging Specialist

    Joined:
    Jan 28, 2005
    Posts:
    12,151
    Location:
    NSW, Australia
  5. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    With your current scheme, you could use a sync program like FreeFileSync to periodically sync the incrementals on the 2nd partition to a thumb drive, which you could alternate round-robin.
     
  6. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    It is not impossible for malware to infect an image file but it is unlikely. There are many different formats and the malware would have to know at least several of the most common. The article Brian posted pretty much sums it up.

    I keep a copy of the system image on the data partition of the same computer it was made from for convenience, always the most recent image, but I always have a copy of it plus several previous images on an external hard drive.
     
  7. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    True, but encryption, deletion, or other corruption of image files is another matter.
     
  8. Keatah

    Keatah Registered Member

    Joined:
    Jan 13, 2011
    Posts:
    1,029
    Malware would more likely mess up the file headers or first and last few sectors of a large image file, *if* that's what it's targeting. More insidious would be flipping random bits in random files. Quietly. Or it could zero-out a few sectors and call it a day.

    In the current climate, malware doesn't usually target backups.

    Personally, I prefer occasional offline imaging via boot disc in round robin style. And then filesync for small and frequently changed data - like my personal journal, photos and other stuff. I've made it a point to do backups when time permits so as to avoid falling victim to an annoyingly strict schedule, getting pissed, and doing nothing.
     
    Last edited: May 25, 2014
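
Quiet corruption of the kind discussed in the last two posts (damaged headers, flipped bits, zeroed sectors, encrypted or deleted images) can be detected by comparing the image files against a hash manifest kept on removable media. This is an added example, not part of any post in the thread; the paths `D:\Images` and `E:\images.sha256.csv` and all function names are assumptions.

```powershell
# Added example, not from the thread. Both default paths are hypothetical.
param(
    [Parameter(Mandatory = $true)][ValidateSet('Create', 'Verify')][string]$Action,
    [string]$ImageDir = 'D:\Images',              # folder holding the image files
    [string]$Manifest = 'E:\images.sha256.csv'    # manifest on a drive kept offline
)

function Get-Sha256([string]$Path) {
    # Stream the file through SHA-256 so multi-gigabyte images are not loaded into memory.
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try { return ([System.BitConverter]::ToString($sha.ComputeHash($stream)) -replace '-', '') }
    finally { $stream.Close() }
}

function Get-ImageRecords {
    Get-ChildItem -LiteralPath $ImageDir -Recurse -Force |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            New-Object PSObject -Property @{
                Path = $_.FullName; Length = $_.Length; Sha256 = (Get-Sha256 $_.FullName) }
        }
}

function Compare-ImageRecords($Expected, $Actual) {
    $seen = @{}                                   # path -> current record
    foreach ($a in $Actual) { $seen[$a.Path] = $a }
    foreach ($e in $Expected) {
        $a = $seen[$e.Path]
        if (-not $a) { "MISSING  $($e.Path)" }
        elseif ($a.Sha256 -ne $e.Sha256) { "MODIFIED $($e.Path)" }
        $seen.Remove($e.Path)
    }
    # Files created since the manifest was written, e.g. a newer incremental.
    foreach ($p in $seen.Keys) { "NEW      $p" }
}

if ($Action -eq 'Create') {
    Get-ImageRecords | Select-Object Path, Length, Sha256 |
        Export-Csv -Path $Manifest -NoTypeInformation
} else {
    Compare-ImageRecords @(Import-Csv -Path $Manifest) @(Get-ImageRecords)
}
```

Run `Create` right after a backup completes and `Verify` before relying on an image; the manifest is only trustworthy if the drive holding it is disconnected between runs.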