First off, what is Ransomware:
Simply put, it is an attack on a computer that encrypts files or makes the PC or application inaccessible until the user pays the attacker a ransom (thus the name) to get access to the keys to unlock the files.
There are different types of ransomware. It may target the entire computer to preventing any access; or encrypt the files on the computer, or stop a particular application from running correctly. In any case, the attacker will demand some type of payment, normally an untraceable money order or bitcoin, before sending you a key code to unlock your computer.
Ransomware can get on a system when you visit a malicious website (or a site had been compromised) and the ransomware is automatically downloaded to your computer. Other ways include the clicking on a link within an email that goes to the attacker’s site. One of the most common email used, is from a shipping company with a link to “track a package” being sent, but it instead goes to a malicious website to automatically download the malware. Depending on the type of ransomware, there are tools that can help you recover your system without making a payment.
Microsoft’s Malware Protection Center has great information about Ransomware here: https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx, check it out for more information.
But my files are on the Cloud:
Most of us are using some type of cloud-based file system such as Google drive or Microsoft OneDrive. So can ransomware affect and encrypt your cloud-based storage files? The answer is, yes it can if the files are synced to the local machine that was infected with the ransomware. For example, the OneDrive client on the computer allows for the user to select which file folders are synced with the local machine. Because these file folders are on the local computer, when the PC is infected, the sync program, which is always running, detects a change and syncs the encrypted version of the file to the cloud. If the file folder is not synced, it will not be impacted by the ransomware. This is true for Google drive and other synced cloud-based storage or externally connected hard drives. Even cloud based backups would have the files encrypted.
Storage solutions that have versioning of file history available provide an option to recover your files without paying the attacker. With Microsoft’s OneDrive, you will be able to restore previous, unencrypted versions of your files once you have cleaned or restored your computer. The same is true for most cloud-based backup solutions, such as Carbonite.
It is important to note that backup external drives should not be connected to the computer system at all times. The ransomware will attempt to encrypt everything connected to the computer, this includes synced cloud-based files and external backup hard drives.
Is there any hope:
It should go without saying but the best thing is to never have the computer affected with ransomware.
Be sure to keep your system and application update. This includes applying patches to the Operating System and keep AV up-to-date.
Backup regularly and keep off line.
For Windows 8.1 and 10 users, enable file history (or system protection for Win 7).
Stay safe, keep yourself informed and vigilant when using the internet and email.