My backup files are in the encrypted folder of the Icedrive cloud. Suppose I get a ransomware virus on my computer, corrupting my files. What exactly happens then? Will Icedrive automatically upload the corrupted files to the cloud, thereby replacing the original ones? And if so, can I still restore the last non-corrupted version of each file?
yes to both (if your icedrive is mounted or a sync is active), icedrive saves file versions. right-click the file, ‘version history’ in the web or ‘Icedrive’ → ‘Versioning’ in windows explorer, and you can download any version you want (though I have been unable to download versions over 1GB via the web interface).
i think possibly though, if you get any malware that just deletes files, then all versions would get deleted too. i don’t think there is a ‘trash’ folder on the encrypted part of icedrive iirc, deletes are permanent.
2 Likes
Thank you! You raise a good point about malware that simply deletes files. 
Can someone on the Icedrive team (@Tom? @Chris?) confirm that this is indeed a threat to my data, assuming the setting “Delete” for “Remote”? If so, I will take additional backup measures on my side that provide for a so called “air gap.”
Either way, I would also like to learn a bit more about Icedrive’s exact behavior in the event of a ransomware attack:
- If a ransomware attack causes many uploads to the cloud, eating up cloud storage space, will Icedrive just stop uploading files, or will it try to create space by deleting old file versions first?
- Is there an option to roll back many files at once, or can they only be restored manually one at a time?
1 Like
