The principle of ransomware is simple. It usually sneaks into a system disguised as an email attachment and, if opened, proceeds to encrypt the files on your machine. Once this has completed, the virus deletes itself and tells the user that their data has been taken hostage and will only be released if they pay the demanded ransom for a key.
Now it’s back and this time the encryption is rock solid.
CryptoLocker is the latest ransomware virus to strike unsuspecting users, and so far it’s proven impossible to crack. What’s more, it doesn’t just take all the data on your hard drive; it also searches for files on all drives and in all folders it can access from your computer, including workgroup shared files, servers, and more. Anything within its reach, it encrypts. Essentially, the more privileged your account is, the worse the overall damage will be.
Removing the virus itself is of little use to the victim, and shutting down the server that holds the key will only result in the loss of the decryption tool. Shutting it down is also difficult, because the servers switch location on a weekly basis. So most people who suffer a CryptoLocker attack are given the simple advice of either paying the ransom or losing the data but, as in any hostage situation, you can never guarantee that the criminals will honour their terms.
How can you protect yourself from a CryptoLocker ransomware attack?
Always perform regular full backups of your valuable data and then remove the drive from your computer, preferably storing it off-site. Most people and organizations maintain both a local and an offsite backup, thereby protecting all data and following a proper disaster recovery plan. The most important step is to never, ever open a file or link in an email or on a social website unless you are sure it was deliberately sent by the person themselves. It may seem interesting at the time, but the results can be catastrophic.
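Because CryptoLocker encrypts whatever the logged-in account can reach, and a backup drive left attached is within that reach, it helps to measure both. The following Python sketch is an added example, not code from the original article; the function names and the sample paths are hypothetical.

```python
import os
import tempfile


def can_write(directory):
    """True if the current account can create a file in `directory`.

    Uses a real write probe (an anonymous temp file that is removed at once)
    because permission bits alone are unreliable on network shares.
    """
    try:
        with tempfile.TemporaryFile(dir=directory):
            return True
    except OSError:  # missing path, access denied, read-only media, ...
        return False


def exposure(root):
    """Count directories under `root` this account can write to, and the
    files inside them. Approximation (an assumption of this example): write
    access to a directory is treated as putting every file in it at risk."""
    writable_dirs = exposed_files = 0
    # os.walk silently skips directories it is not allowed to list.
    for dirpath, _dirnames, filenames in os.walk(root):
        if can_write(dirpath):
            writable_dirs += 1
            exposed_files += len(filenames)
    return {"writable_dirs": writable_dirs, "exposed_files": exposed_files}


def backup_within_reach(backup_path):
    """A backup target that is mounted and writable from this account is
    not protected: anything this account runs can modify it too."""
    return os.path.isdir(backup_path) and can_write(backup_path)


if __name__ == "__main__":
    # Hypothetical locations: replace with your own drives, shares and backup target.
    for root in [os.path.expanduser("~")]:
        print(root, exposure(root))
    print("backup reachable:", backup_within_reach("/mnt/backup"))
```

Run it under the account people actually work in, once with the backup drive attached and once after removing it, and compare the results with what that account genuinely needs to write to.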
We are unable to stop every attack, but our actively managed toolset has enabled us to put policies into place that can prevent such attacks. The first line of defense includes a corporate messaging spam and virus filter, a firewall with active security and content filtering licences, and managed anti-virus and malware protection.
Welcome to Worry-Free iT!