20 Apr CryptoLocker, the myth, the legend, the way to avoid
I am not going to lie to you…if you already have CryptoLocker then you are most likely are in serious trouble! Especially if your system restore fails or you do not have an external clean copy of your data.
However if you haven’t had CryptoLocker, then there are a couple of things you can do to help protect yourselves in the first instance and prevent a critical business disaster.
What is CryptoLocker?
CryptoLocker is an extremely nasty ransomware which essentially encrypts all of your data on your computer or server and then demands a payment from you in return for the decryption key. Hence the term ‘ransom’ware.
However, there is a time period attached and once lapsed, the ransom amount to pay then increases. If you don’t pay you will lose your data, if you do pay, sometimes you never receive the decryption key.
When you try to open your data on your computer, for example in word or excel, it is utterly incoherent! That’s because it is encrypted!
It is fraud and theft in the highest form and for a company, it’s absolutely debilitating. It brings your business to a standstill and you face the risk of losing hundreds if not thousands of pounds in loss of business and loss of trading.
How do you get infected?
CryptoLocker in its usual variants enters your network or computer system by email attachment. Usually within a compressed file where an executable file has been lying in wait to spread and infect.
This executable file has either been run manually (by user error) or automatically through an infected script on your computer which rapidly decrypts all of your data it can find.
CrytoLocker can also be injected into your system from hijacked and infected websites, as well as by email.
What to do to reduce the risk of being exposed to CryptoLocker
KEEP your anti-virus up-to-date (although even Anti-Virus providers cannot keep their definitions up-to-date to the extent that is necessary to protect from all CryptoLocker variants )
DO NOT open emails from people or organisations you do not recognise (permanently delete the email)
DO NOT open email attachments from people or organisations you do not recognise (permanently delete the email)
DO NOT click on email links from people or organisations you do not recognise (permanently delete the email)
DO NOT visit unscrupulous or “dodgy” websites
INVEST in an enterprise-level Spam, Virus and Web Filtering Solution as your business will be rink-fenced from these types of email and web viruses and it reduces your risk of these ever reaching your computer systems.
INVEST in an Online Backup Solution as your data can be restored from up to 30 days, if not from all time and is a definitive way to recover your data quickly and efficiently if you are infected with CryptoLocker.