CryptoLocker: 3 Steps You Can Take Right Now to Improve Network Security and Guard Against a Cyber-Attack
Did you know that cyber-attacks within the private sector (including small businesses just like yours) doubled in 2015? That’s right! A report by Kaspersky Labs found that there were twice as many attacks last year than occurred the prior year. These attacks were largely classified as “ransomware” or “CryptoLocker” incidents.
What Does CryptoLocker Look Like?
Typically, the CryptoLocker malware arrives in an email as a message that includes an attachment. These email messages often appear to come from the government or a major vendor, such as UPS, FedEx, or Xerox. The attachment is usually a ZIP file that contains something that appears to be a standard document (such as Microsoft Word or Adobe PDF). When the document is opened, the virus is installed on the computer.
Here’s a short 3-minute video published by AVG that describes CryptoLocker…
Here are some examples of email messages which carried the CryptoLocker virus…
What Does CryptoLocker Do?
After CryptoLocker has infected a computer, it goes to work looking for your important files and documents. It finds these documents stored on your computer and on your network and protects them with its own encryption algorithm… Did I lose you? OK… sorry about that. That was geek speak for, … ”It changes them so they can’t be opened without a password.” These files are absolutely not accessible until you are provided with the password. Of course, for a fee (typically about $300), these cyber-criminals offer to provide you with the password you need to access your files. Finally, you will be provided with a ticking clock counting down to the time when the password will be completely erased from the hackers’ database (typically about 4 days). Unfortunately, cyber-criminals don’t always honor the agreement to provide the password, even after they’ve received payment.
Here are some examples of the messages displayed on an infected computer…
3 Steps You Can Take to Prevent CryptoLocker Damage
At Each Computer – AntiVirus / AntiMalware Software
First, and foremost, make sure you have an up-to-date malware and antivirus software solution running on each and every computer connected to your network. This includes any computers that might have access to your network through a wireless connection. Unfortunately, unless the software protection solutions are kept updated, they will not be able to adequately protect against the CryptoLocker threats. This is something that should be performed daily. Make sure that your IT person takes this responsibility seriously and routinely reviews logs and updates the protection software.
Some Reputable Companies providing Effective Protection
Our helpful team of network security experts over at Sophos has published a full video that will show you exactly what happens when CryptoLocker infects a computer. If you have 10 minutes to spare, take some time and watch CryptoLocker in action:
At Your Firewall – APT Blocker
Second, mainstream firewalls offer a centralized scanning and prevention solution called Advanced Persistent Threat Blocker (APT Blocker). These solutions examine the email messages coming into your network and identify / block CryptoLocker threats before antivirus software can recognize them. By preventing the attachment from ever reaching the user’s inbox, the threat never has an opportunity to infect your network.
Some Reputable Companies providing Excellent Firewall Solutions
By Having Reliable Data Backups
Finally, ensuring that backups of your critical data are scheduled and reliable will mitigate any damage should your network become infected by the CryptoLocker virus. Your IT person should be performing a regular review of the scheduled backup activity to make sure that all of the files across your network are successfully backed up. Next, an audit of the backups should be performed periodically to ensure that the files can actually be quickly restored from the completed backups.
If you are signed up for TechWorks managed services, you already have all these protections in place. Fortunately, TechWorks offers a full range of pro-active solutions to ensure your company is not held hostage by CryptoLocker and other malware. Our managed services automatically include daily updates and performance monitoring of all computers, pro-active firewall monitoring and configuration, and complete backups of all servers and workstations across your network. Whether you’re a small business owner looking to outsource IT management and support, or an IT manager needing to off-load some of the routine proactive responsibilities, we can help. Reach out to our team today to take advantage of a free consultation!