Can Malware Reach My External Drive?

Yes. But if you have malware, you have bigger problems.

Can hackers really get to everything, including your external hard drive? I'll cover what malware can do and what you need to do before it happens to you.
Question: I have found that my computer contains 2 trojans. I have heard that hackers use trojans to gain unauthorized access to all your data. Is this true? If so, then is the data in my external hard disk (which I connect to the computer at least once a week for a span of half an hour) also compromised?

This is a question I’m resurfacing from nearly 20 years ago.

I have two reasons:

  • The answer remains important to understand.
  • The answer hasn’t changed. If anything, things have gotten worse.

TL;DR:

It's not your PC anymore

If malware gets on your computer, you can’t trust it. Anything connected to it, including your external drive, could be at risk. The safest thing to do is assume the worst. Clean it up, restore from a backup, and start backing up every day.

Once you have malware…

There’s a very important and scary rule of thumb that’s worth remembering:

Once your computer is infected with malware, it’s not your computer any more.

You may think it’s yours. It may even behave as if it’s yours.

But it’s not. Or, perhaps more realistically, you can’t assume it is.

Why?

Malware can do anything.

That’s a difficult concept for many to comprehend. Let’s dive in a little deeper.


What malware does

Most malware is written with a task to perform. Perhaps it’s designed to capture keystrokes. Maybe it’s designed to encrypt your data and hold it for ransom. Perhaps it’s designed to copy all your files to the hacker’s computer somewhere. Maybe it’s designed just to wreak havoc by deleting whatever it feels like.

Or maybe it’s designed to do everything, everywhere, all at once.

We can’t really know.

Thus, we must assume the worst: malware can do anything.

This seems particularly difficult for folks concerned about keylogging to grasp. Just because you’ve somehow blocked the logging of keystrokes doesn’t mean the keylogger — which is just malware — can’t capture your data entry some other way. Malware can do anything.

And, yes, that includes accessing whatever’s on your external drives. It’s one reason not everyone agrees with my position on leaving your backup drives connected all the time.

Unauthorized access to your data

The original question was prescient in at least one interesting way: it predates the concept of ransomware (or at least the major spread of it).

Twenty years ago, the questioner was concerned that the data on his external hard drive might be stolen or used in some unauthorized way. Now there are many more ways to get at your data that don’t involve your external drive. Online data breaches like account hacks are much more likely to expose your data. Even then, hackers aren’t really interested in your files (unless you’re a government or corporate employee with access to sensitive or secret things). They’re just interested in abusing your account for other purposes, typically spam-related.

These days, if malware accesses your external drives, it’s more likely to encrypt the data and hold it for ransom. Not all ransomware does this; in fact, only a small percentage of ransomware attacks involve encrypting external drives. Usually, it’s easier, quicker, and just as effective to encrypt the data on your system drive.

There’s no way to know

Here’s the frustrating thing about malware: once detected, there’s no way to know with certainty what was and what was not compromised. The only truly safe approach at that point is to assume everything has been compromised.

In other words, it’s not your computer anymore.

That’s a harsh and serious assumption to make. What we often do is play the odds. In a case like this, maybe we:

  • Scan the external hard drive with an anti-malware tool or two. If it comes up clean, we keep using it, keeping an eye open for suspicious activity.

The catch is that you can’t know whether those tools actually found and removed the malware you have; it could persist. So other people:

  • Restore the system drive from a backup image taken before the malware infection. This is a great way to know it’s gone.
  • If you don’t have a backup image, then reinstall Windows and your applications from scratch, and restore your data from a backup copy.

Many people balk at reinstalling Windows, and I get it. It’s a big deal.

Do this

This is the part where I reiterate that prevention is much less costly and less frustrating than the (incomplete) cure.

  • Back up regularly; daily, if you can.
  • Do all the things you know to do — or more correctly, not do — to keep yourself safe from malware. Avoid links you’re not 100% certain of, don’t open attachments you’re not 100% certain of, and stay alert for phishing emails or other types of scams.
