With the recent surge in ransomware attacks, the security of popular operating systems has increasingly become a pressing concern. Chromebooks, generally speaking, are much more secure than other machines running on Windows or even Mac OS. They are relatively less in number, and hence do not form a primary target for attackers who are looking to attack the most number of systems. Also, Google has built Chrome OS to have brilliant security, and openly advertises this as one of the top benefits of having Chrome OS. However, if you have Developer Mode enabled to tweak your machine, or if Chromebooks get popular enough to get into the radar of ransomware attackers, how safe is your Chromebook?
Ransomware works by encrypting the local storage on your device to make it inaccessible. Chromebooks store most of their data on the cloud, and are hence relatively safe from encryption attacks. The local Downloads folder could, in theory, be vulnerable to encryption. It is hence recommended to have a back-up of your Downloads folder, or better still, store all your Downloads on the cloud directly.
However, Google Drive files are also stored locally on your Chromebook, and are synced to the cloud regularly. Hence, ransomware could encrypt the locally stored Google Drive files, which would then automatically sync to the cloud, extending the ransomware’s reach to your cloud storage.
There is no reason to worry about this, though. Google Docs content (including Docs, Sheets, Presentations and Forms) will not be harmed. Those files only store links to the files locally, and the content is safe on the cloud. If ransomware encrypts your links, the links will be broken but the files will be safe. As for other files, Google Drive allows you to access previous versions of any file you upload. Hence, if ransomware encrypts certain files, you can always access previous, unencrypted files through this service. In case you ever find yourself in this situation here’s how to access previous versions of files on Google Drive.
Retrieve Files from Google Drive
First, go to drive.google.com. On the top-right corner, there is an ‘i’ button, where the i stands for information. By clicking on that button, you can track all the recent changes to your files on Google Drive.
In case ransomware ever gets to your files, you will see under this sidebar that certain files have been tampered with. Now, in order to retrieve the older versions of your files, select a specific file that you wish to retrieve on Google Drive.
You will see that upon selection, the Activity section will show you the specific changes made to that particular file. If the file has been encrypted by ransomware, you can download an older, unencrypted version of the file. First, right-click on the file to open the options menu. Under the options menu, you will see ‘Manage versions’. (If you don’t see this option, that means that the file has only one version and probably wasn’t affected by ransomware)
Under ‘Manage Versions’, you will see a list of all previous versions of the file in the past 30 days, and you can download any previous version that is safe from encryption.
You will have to download previous versions of each file individually, since there is no way to download them in batches. This is a long, boring process, but in the end, at least your files will be safe.
Google Drive is safe from ransomware for now. However,it is still not recommended that you freely download any suspicious file or open a dangerous e-mail on your Chromebook. If nothing else, precaution will save you a few extra hours of re-downloading files. For the most part, though, (thanks to Google Drive and low popularity) Chromebooks are relatively secure from viruses and ransomware.