Understanding CryptoLocker to Protect your Data
CryptoLocker is malware. It’s a specific type of malware called ransomware. This differs from other malware because when a computer is infected, an encryption is put on data files and asks for a ransom to gain access to your data files. So far, CryptoLocker has managed to get millions of dollars from victims in ransom payment.
How do users get CryptoLocker?
Typically users get this malware through phishing emails. For example, a user may get an email stating that there is an issue with their FedEx order and the user needs to open a zip file. Unknowingly, the user opens and run the file infecting their computer.
Businesses should also be aware that work email accounts (typically protected by junk filters) are not the only possible point of entry for CryptoLocker. Employees accessing personal email accounts through the Internet could also be a source of potential infection, if they are opening infected files from a work computer.
Additional Risks from CryptoLocker
There are additional risks for businesses that come with CryptoLocker. Not only does CryptoLocker encrypt the data locally on a computer it also targets mapped drives. This means that a computer with mapped drives will give CryptoLocker access to encrypt the files on the mapped drive. For example if your data is stored on a file server and computers have access through a mapped drive, that could put all your files at risk of being encrypted.
Won’t my anti-virus keep me safe from CryptoLocker?
While anti-virus keeps your systems protected from many viruses, you shouldn’t think that it means nothing will ever get through. The people who are creating viruses and malware, like CryptoLocker, understand that they need to get past anti-virus and so they write code to bypass anti-virus software. For a more detailed look on how this happens check out this article, Why an Anti-Virus Can’t Protect You from all Viruses. It’s an inevitable game of cat and mouse, the people looking to exploit your systems are writing new viruses all the time to penetrate anti-virus defenses. Conversely, your anti-virus programmers are working tirelessly to create defenses against new viruses, which is why it’s important to have a good anti-virus and keep it updated.
Maybe you are asking yourself why have anti-virus at all? You don’t want to be exposed to viruses and malware that could have been prevented through a good anti-virus software. Anti-virus reduces your risk significantly but don’t get lulled into a false sense of security.
How to protect yourself from CryptoLocker
We store all kinds of important data whether it is cherished family photos or data vital to running your business. So it’s important to understand how to protect against this malware.
- Diligence Backing up Your Data – If you are diligent about backing up your data you can do a system restore from your backup. Keep in mind that any new files created between the time you are infected and the last backup could be lost. If your back up is a month old you would lose a month of data. If it’s one day old you would only lose a day of data.
- Shadow Copies – are live backup of your files. Shadow copies can be useful to restore data quickly. But note that more recent versions of CryptoLocker have begun to target shadow copies, so it is important to have a regular backup as well.
- Keep your Operating System and Software Updated – Patches will decrease the chances that you will get infected.
- Education about Viruses and Malware– Educate yourself and/or users about the risks and potential damage. Train users how to spot phishing emails and the importance of not downloading from unreputable websites on the Internet.
- Software Restrictions Policies – are group policies that will give you control over the kinds of software that are allowed to run on a computer.
- Restrict Administrative Privileges for Users – Users that have administrative privileges can do more damage with malware than those who don’t.
- Consult your IT Support about Additional Prevention Tools – Your IT support could recommend and install additional prevention tools like HitmanPro or CryptoProtect.
While CryptoLocker is extremely frustrating for those who become infected, the good news is we are able to assist you with evaluating their security policies and making adjustments to secure your data, networks and systems from vulnerability to CryptoLocker and all kinds of infections.
Additional Articles about CryptoLocker:
1650 Manheim Pike, Suite 204, Lancaster, PA 17601
(717) 509-4410
INFORMATION TECHNOLOGY SERVICES