Don’t Let CryptoLocker Steal Your Data for Christmas

CryptoLocker is a ransomware Trojan horse that is holding victims' data for ransom. This is a new type of malware that is targeted to computers running on Windows operating systems. The CryptoLocker malware is being spread through phishing emails that are disguised as legitimate-looking business emails with phony FedEx and UPS tracking notices or email attachments. Businesses should be on high alert as this malware poses a real threat warranting official warning alerts from both Britain’s National Crime Agency (NCA) and the US Homeland Security Computer Readiness Team.

Once a computer is infected, CyberLocker ransomware encrypts computer files. The CryptoLocker malware was designed to search for and encrypt files, not just on your computer, but also on any connected drives, including shared network drives, USB drives, external hard drives, network file shares, and even cloud storage devices. If one system on your network becomes infected, mapped network drives also run the risk of becoming infected.

After files have been encrypted, CyberLocker issues victims a three-day ransom notice (tracked through a 72-hour countdown timer) demanding payment in exchange for a private decryption key. If the $300 or €300 ransom is not paid (through a third-party payment method like MoneyPak or Bitcoin) within the given time period, the private key will be destroyed and they claim no one will ever be able to recover the encrypted files.

Because the decryption key is a unique private key, victims can’t just use someone else’s key to decrypt their files. To make matters worse, some victims have reported that they paid the attackers and still did not receive the promised private decryption key. The only real solution is prevention.

How to Protect Your Computer Network from a CryptoLocker Infection

The best proactive, preventative measure you can take is to conduct a regular backup of your data and to maintain up-to-date anti-virus scans on your computers. Backup software like NovaBACKUP will not only back up your data on a consistent automated schedule, but it also does an antivirus scan of your data to ensure that your backups are virus-free. As part of your backup routine, we recommend storing at least one copy of your critical backup files offline. If your computer does become infected, immediately disconnect wired or wireless systems from your network. This may prevent further encryption of files on your network.

Preventative Measures

There are a few additional preventative measures that can be taken to protect your data. In addition to backup up your data, you should also update your operating system with the latest patches. This act alone could prevent the malware from finding its way onto your computer through unnoticed holes in the software’s security. Once virus authors find holes in the security of the operating system, other malware authors like CryptoLocker use them to gain access without having to reinvent the wheel.

Do not follow web links in emails that are unsolicited or questionable and please use caution when opening emails with attachments, especially if you do not recognize the sender. Trust your instincts. If something about an email or email attachment just doesn’t seem right, don’t open it. If in doubt, you could always contact the person who sent you the email to make sure it is legitimate before opening it. It’s better to be safe than sorry.

It may also be time to review the access settings on your network shares, both at work and at home. If a user doesn’t need write access to certain files, don’t permit them. This is a great preventative action that will prevent the virus from finding and encrypting additional files as it appears to not be able to attack files with read-only access.

If your system becomes infected with CryptoLocker, the first thing you want to do is run a virus scan on your computer.  This will not decrypt the files that CryptoLocker has already encrypted, but it will stop CryptoLocker from continuing to encrypt more files on your system. It will also allow you to restore your files from your backup without these files also becoming subject to malware encryption.

Don’t let CryptoLocker be the Grinch that stole your data ... back it up now. If you do not currently use backup software to protect your data, now is the time to start. NovaBACKUP is a comprehensive, award-winning Windows backup software solution that is both easy to use and affordable.  NovaBACKUP also includes Setup Assistance with their backup software solution.