As far as I understand the way Evernote works, its main vulnerability to ransomware is the local cached files it keeps on the PC where it is installed, which ransomware could possibly encrypt and a sync could corrupt the data in the Evernote cloud. If used strictly as a cloud service, especially with 2 factor authentication, I believe that a local attack of ransomeware on a PC can't touch the Evernote data in the cloud. This is contrary to the way cloud file storage services work, which the ransomware can see as a local folder and the contagion it creates gets automatically uploaded to the clo