Businesses are experiencing an uptick in attacks by a particularly dangerous computer virus: the CryptoLocker ransomware Trojan. This painful virus can both impede your ability to work and hold your data hostage until you comply with the criminals’ requests. It affects not just the data on your machine, but also data on any network to which you connect.
The CryptoLocker virus first reared its ugly head in 2013. Most thought it had been all but annihilated, but two years later we’re still seeing it pop up at businesses that are not well protected against such threats. In fact, we have received numerous calls from businesses that are looking for assistance with recovery. We wanted to raise the flag to let you know that this virus is very much alive and demonstrating aggressive behavior. You need to take action to protect yourself from its grasp.
What is it? This devastating virus most often enters a PC through an email attachment and, once the PC is infected, holds it for ransom. It’s designed to scramble files and then lock you out of your data by encrypting it. You will generally receive a message that reads something along the lines of: “Want your data back? Send $300 in bitcoin currency to …”
The criminals behind this threat are being aggressively pursued by the FBI. But business owners need to play a role too, even if it’s just to save their own companies.
How to Prevent it: Diligence!
- Ensure your antivirus software is effective, active and updated regularly on every PC in your company.
- Install updates and patches for your operating system and programs to make sure your computer isn’t vulnerable because of security flaws.
- Notify all employees. They should be aware that this is serious. Remind them to never open an email or attachment if they cannot verify the source of the email – or just forward this article to them.
- If you are a tech-savvy, do-it-yourself person, try this on a non-production computer: Grab an old machine and test the software and any repair tools you have, and then run a practice data recovery before putting the machine into production.
A Quick Audit: Regularly check for abnormalities in your network. Take three steps to start:
- Ensure that all your devices have updated, reputable antivirus software installed.
- Confirm that your software is configured appropriately, not only to update at a reasonable interval, but also to monitor and prevent the installation of malicious software.
- If you do not currently have a system or application in place, work with your IT team to set it up immediately. If you need help, ask.
Removal: ZDNet reported on May 21 that a ransomware removal and rescue kit has been released, giving businesses an alternative to paying a fee to unlock encrypted files. Before you begin removal, make a copy of the file (if possible) for later analysis. It also may be needed for file decryption.
If you find yourself in this situation, CloudWyze is here to help. If you have not been infected, celebrate by making sure your system is updated and secure.