July 12, 2016

Cut letters from newspapers and magazines

CryptoLocker is one of the ugliest security threats to have emerged in recent years. Not only is it devastating to a computer, but also it can be psychologically traumatizing to a user. Here’s everything you need to know about CryptoLockers and how to keep this malware from happening to you.

What is a CryptoLocker?

The Cersei Lannister of ransomware. Seriously, it’s merciless. It is malware that encrypts a user’s files and then demands money, from the user, to unlock it. The virus also gives the user a deadline for payment.

How does a CryptoLocker virus break in?

Like the Greeks inside that Trojan horse.

A victim receives an email containing an (infected) attachment, usually a ZIP file. The victim opens the ZIP file, which contains a standard document, like a PDF. Once that file (the PDF) is open, the virus is in. From there, the CryptoLocker virus goes on a high-tech rampage that results in the scrambling (i.e., encryption) of files and documents.

Here’s a helpful post that includes examples of what a CryptoLocker virus email can look like.

How will I know if I’ve been infected with a CryptoLocker virus?

You’ll know. But in case there’s any ambiguity: a screen or dialogue box will pop up and demand payment for the recovery of your files. Here are two examples of the ransom messages that can be displayed on an infected computer:

Image source: Tech Works
Source: Tech Works

How can you prevent a CryptoLocker virus?

The good news is that there are ways to prevent these infections. Here are the three most important ways. We recommend you adhere to all of them.

1. Make sure up-to-date anti-malware is running on all computers.

The key here is, “up-to-date.” If the software is not updated, it won’t be in step with the latest CryptoLocker threats. It’s tempting to click “remind me later,” when prompted to update, but don’t. Make sure your security software is updated every day.

Also, the software must be installed on every computer in your network, even those that access the network wirelessly (e.g. employees that work from home, or users that can access your organization’s network from their personal computer).

2. Install good firewalls.

A firewall is the first line of defense against all viruses and malware. Like we wrote in a previous post, a firewall is like a sentry that stands outside the door of your network and evaluates the traffic passing in and out. He utters, “you shall not pass,” to untrusted visitors, thereby keeping private networks, like company intranets, safe from ill-intended users and malignant files.

3. Limit user access.

Allow only certain users to access certain networks (or network areas). Fewer people milling about in the network means less exposure to potential risks. Determine who needs access to what, and provide access accordingly. For example, the intern probably doesn’t warrant access to highly confidential client files, but the CEO does.

4. Backup your data.

If, unfortunately, you do get a CryptoLocker virus, having a backup of all your data will ensure nothing gets lost.

If you’re an ECS client, you already have all these protections in place. ECS offers the latest in IT security, and we do everything we can to keep your systems safe. If you’re interested in learning more about managed IT security services, call us today. We’ll give you a free 30-minute consultation.

ECS IT Solutions Partners