CryptoLocker Virus Holds Businesses Hostage

Imagine you come home to find an extra lock on all your doors, bars on your windows and the garage door is bolted shut. There’s a sign saying you’ve been locked out of your house until you pay a ransom. There’s no way around these locks and nothing can cut the material they’re made from. This is very much what it’s like to be infected by the CryptoLocker virus. You can see all of your possessions but using them is out of reach.
CryptoLocker, categorized as a ransomware Trojan, has become one of the most historically devastating viruses to hit the internet. It is believed to have first appeared on the 5th of September, 2013. CryptoLocker typically arrives as an email attachment, commonly disguised as a legitimate business email. Crypto has also piggybacked on other viruses, the Gameover ZeuS and botnet Trojans. Some have found it in infected Java code and Flash banner ads on websites. Crypto has a great many ways to infect an unsuspecting machine.

What does Crypto do exactly?

Crypto gains access to a computer running Windows in one of the ways mentioned above. Once on a computer, it encrypts certain types of files stored on the local hard drive and on any mapped network drives the user has access to. This is important to know because one impacted computer can affect the data of all other computers on the network and put your whole business at risk! The encryption uses 2048-bit RSA public-key cryptography. The private key needed for decryption is generated and stored on the malware controller’s servers. The controllers commonly use a slew of proxies to help hide the servers’ place of origin, making them extremely hard to track. The malware then promptly shows a pop-up notifying you that your files have been locked. In each folder it encrypts, it drops four documents containing instructions for how to decrypt your files. The price varies with each version of Crypto; however, in all cases the end result is the same: pay this ransom or lose your files forever. Some versions give you 48 hours, while others have no timer at all.

Although the Crypto files themselves are easy to remove, recovering the encrypted data is another story altogether. To date, we have heard few, if any, success stories from people recovering their data without paying the ransom unless they were protected by a solid back-up solution. For a few customers who didn’t have back-up solutions in place, we have seen success with customers paying the ransom and recovering their data safely. The “Crypto” bad guys have usually honored their commitment to release the data back to the owners.

How to Protect Your Data:

Keeping multiple backups of your data is the key to beating CryptoLocker. Ideally, you should keep more than just a local backup: remote backups are important for redundancy, and pricing has improved over the years to make them cost-effective. We offer several solutions for backups, ranging from a standalone local backup to a full remote monitored offsite package that ensures your data is protected and redundant in the event of a natural disaster. Some of our backup solutions offer true business continuity that allows a troubled server to quickly fail over to a secondary system to use while the primary hardware is repaired. We also develop disaster recovery plans and perform periodic testing to ensure that they will work when you need them to. Having a backup is crucial, but it should be tested so that there are no surprises. That can be the difference between paying the ransom and crossing your fingers or not even thinking about paying the bad guys in the first place.

Keeping backups of your systems allows you to restore your data without having to pay a ransom. It also ensures you have a plan in case of other types of emergencies such as fire, theft, natural disasters, disgruntled associates, etc. Remember, if you have a backup that is connected to your server, such as a USB drive or even something connected to the network, CryptoLocker can render your backup useless too. That’s why it is so important to have backups in a different geographical location than the business operations.
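
To see which drives fall into that "connected" category on a given Windows machine, the following PowerShell sketch lists every removable and mapped network drive the logged-in user can write to. It is an added example, not part of the original article; `Test-VolumeWritable` is a hypothetical helper name, and the script assumes it is run in the session of the ordinary user whose exposure you want to check.

```powershell
# Added example: which volumes can the current user write to?
# Anything reported as writable is reachable by malware running as this user,
# including a backup target on a USB disk or a mapped share.

# Win32_LogicalDisk DriveType values: 2 = removable, 3 = local fixed, 4 = mapped network
$typeNames = @{ 2 = 'Removable'; 3 = 'Local'; 4 = 'Mapped network' }

function Test-VolumeWritable {
    param([Parameter(Mandatory)][string]$Root)
    # Create and delete a uniquely named probe file at the volume root.
    # A failure here only shows the root is not writable; subfolders may still be.
    $probe = Join-Path $Root ("write-probe-{0}.tmp" -f [guid]::NewGuid())
    try {
        [System.IO.File]::WriteAllText($probe, 'probe')
        Remove-Item -LiteralPath $probe -Force
        return $true
    } catch {
        return $false
    }
}

$report = Get-CimInstance -ClassName Win32_LogicalDisk |
    Where-Object { $typeNames.ContainsKey([int]$_.DriveType) } |
    ForEach-Object {
        [pscustomobject]@{
            Drive    = $_.DeviceID
            Type     = $typeNames[[int]$_.DriveType]
            Target   = $_.ProviderName   # UNC path for mapped drives, empty otherwise
            Writable = Test-VolumeWritable -Root ($_.DeviceID + '\')
        }
    }

$report | Format-Table -AutoSize

# Warn about non-local volumes that are writable: a backup kept there is not isolated.
$report |
    Where-Object { $_.Writable -and $_.Type -ne 'Local' } |
    ForEach-Object {
        Write-Warning ("{0} ({1}) is writable by {2}; a backup stored here is not isolated." -f `
            $_.Drive, $_.Type, $env:USERNAME)
    }
```

A backup destination that shows up in the warnings should be moved offsite or made reachable only by the backup service account, not by everyday user sessions.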

If you’re worried about your data’s security and potential for data loss, please contact Eagle Network Solutions today for a review of your current data backup and recovery system and what solutions fit within your budget and particular business needs.