What is Cryptolocker?

CryptoLocker is a ransomware Trojan which targets computers running Microsoft Windows. CryptoLocker get onto your PC’s via infected email attachments, and via an existing botnet or bad website link. When activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers. The malware then displays a message which offers to decrypt the data if a payment (through either bitcoin or a pre-paid cash voucher) is made by a stated deadline, and threatened to delete the private key if the deadline passes. If the deadline is not met, the malware offered to decrypt data via an online service provided by the malware's operators, for a significantly higher price in bitcoin.

Removal

Although CryptoLocker itself is readily removed, files remained encrypted in a way which researchers considered unfeasible to break. The only way to get your files back is from a backup that is why it’s more important than ever to have a backup in place.

How to prevent a Cryptolocker infection?

Prevention – don’t open or click on unsolicited emails

Educate everyone on the risk of opening email attachments that they shouldn’t. They may receive an email that they weren’t expecting or something may look wrong about it. These emails can also come from a spoofed account that may look legitimate or even appear to be from someone you know. The bottom line is to always be careful when opening email attachments.

Here is our Checklist to protect your Business from CryptoLocker

In both our professional and private lives, each of us needs to assume responsibility for our online activities. These responsibilities involve a combination of equipment maintenance and software updates coupled with appropriate online behavior and a constant vigilance against criminal activities. We suggest that you start with this brief checklist:

Maintain a Clean Machine by running the most recent operating system, security software, apps and web browser as a defense against online threats such as viruses and malware.

Antivirus Software – every computer should have internet security protection to help detect Cryptolocker, it may also limit the harm done by warning you before the file is executed, should you accidently click on a host email.

Scams, Spam, and Phishing are hazards you can avoid. Don’t open e-mailed attachments from strangers and never click on unknown links contained within e-mails. Enable the filters on your e-mail programs to screen for spam. Beware of messages indicating upgrades, technical updates and special offers. These tactics are no longer limited to e-mail, so be vigilant when on social networking sites.

Have a Backup to non-networked drive or an online backup service – either rotate external drives or have off site scheduled backup. Beware of using sync backups such as OneDrive as they can also be encrypted.

Ayone Computers Can Help Your Business with Internet Security
Ayone can do an assessment of your business computers and network. We can also provide recommendations for improving your online security and assist you with a variety of solutions to reduce the risk of a malware.  We strongly encourage you to prepare your business for the threat of online security crime, call or email us for advice.