Cryptolocker, a ransomware Trojan that first arrived on the internet in September 2013, is on the rise once again and causing problems for a lot of businesses.
This makes it vitally important that you ensure your company’s network is safe, secure and backed up. Why? Because there is nothing to stop Cryptolocker once initiated by the user, other than switching everything off, and even then you can only retrieve data by restoring a backup.
This means, if there’s no backup, there’s no data! So the best thing you can do as a business is to be prepared.
Cryptolocker is a ransomware Trojan that infects computers running Microsoft Windows. It is most typically spread via emails and tricks the recipient into opening the contents by pretending to be from a genuine company.
Once a computer is infected, the ransomware encrypts files and posts a message asking the user to make a payment to decrypt the files – it also threatens to destroy all the files on your hard drive if payment is not transferred.
Some users may consider paying the ransom and getting their files decrypted, but it is unlikely that the files will in fact be decrypted. And even if they are, there is still the potential for ransomware to infect your computer afterwards.
Cryptolocker functions in the same way for a business as it does for an individual, but in a company’s domain environment where their data and connections are shared. A single infected computer could open the gateway for the ransomware to infect the entire network.
Even mapped drives, USB sticks and cloud services like Dropbox are not safe and can be infected by the ransomware.
Even if Cryptolocker has not infected your business’s computers, this doesn’t mean that you can sit back and relax. Unless you and your employees understand the risks and how to be safe, there is always the potential to be another victim.
To protect your business:
As the ransomware is spread via email, the best thing you and your employees can do is tread carefully. If you receive an email and do not know who it is from or why it has been emailed to you, don’t open it. And if you do happen to open an anonymous email by accident, don’t open attachments or click any links.
Viruses can also be spread via attachments from known recipients. You’re more likely to open files from someone you know, and ransomware takes advantage of this. Take extra care here too.
Ensure software is up to date
Windows automatic updates should be turned on to ensure your computer is in the best position to protect your data from potential threats.
Avoid .EXE files
The best policy is to block email activity related to .EXE files and use workarounds such as password protected ZIP file containers, if necessary.
Be wary of other unknown file extensions, and ensure your programs are set up correctly to open documents. Ransomware can also infect a network via doc.x files, utilising macros, so make sure Microsoft Word is set up correctly so as to not auto-run these sorts of infectious macros.
Back up your data
Ensure you have an effective back up and disaster recovery system in place. Anti-virus software is bypassed with ransomware like Cryptolocker, so you won’t be able to remove it this way. Instead, you’ll want to rest safe in the knowledge that you can restore all your files completely from safe and secure backups.
We’ve been helping our clients meet the threat posed by Cryptolocker recently, and have years of experience dealing with computer and network viruses.
If you’ve been affected or if you would like further advice, simply fill in the form on the right or call us on 01844 293 330.
For more than 20 years, Paralogic has been working with small and medium sized businesses, providing outstanding IT support that they can rely on. We’re thrilled, therefore, to be named among the best MSPs in…Read More
The European Union’s General Data Protection Regulation (GDPR) is the most significant shake up of information security for many years. Despite the toughening of rules and the harsh treatment of companies by regulators and the…Read More