Macro Systems Blog
Warning: CryptoLocker Virus will Delete Your Data!
The CryptoLocker virus is a new strain of ransomware that began attacking computers via the Internet last September and has now grown to become one of the world's fastest spreading and most dangerous pieces of malware. If your business isn't prepared for CryptoLocker, then your company's data is at serious risk.
CryptoLocker is One Bad Virus
CryptoLocker is an especially malicious virus because it uses fear and extortion. Once a PC is infected with CryptoLocker, the virus will go to work and encrypt the files on the computer. It will then lock you out of your PC and demand that you pay the hackers money for an encryption key that will give you access to your data. To add insult to injury, there will be a clock displayed counting down from 100 hours. If you don't pay the extortion fee and the clock hits 0:00, then all of your data will be deleted!
The hackers are asking $300 for an encryption key. They have the nerve to ask for so much money because they understand the value of data. For example, if you were locked out of your PC, would you be able to get any work done? Probably not. Hackers want you to panic and pay them, and they will even provide you with ways to fund them that can't be traced. Whatever you do, don't give hackers the satisfaction of paying the fee. It will only embolden them and fund their work of designing and spreading even more computer viruses. Plus, there have been reports of hackers deleting the victim's files, even if they've paid!
What are Your Options after an Attack?
Instead of paying the hackers, you should immediately unplug your computer from the Internet, shut it down, and let the professionals at Macro Systems take a look at it. CryptoLocker can quickly infect your computer, and by the time you realize something is wrong, it may be too late. Additionally, you really don't want to have a virus like this active on your computer while it's plugged into your company's network because it will spread to other workstations.
Calling in the professionals for this one is really your best course of action because CryptoLocker is designed to make changes to your PC's registry upon restart, as well as encrypt the files on your remote and fixed drives. This means that you don't have time to troubleshoot the problem from the backend, and turning your computer on and off again will just make the problem worse.
The Spread of CryptoLocker
The CryptoLocker virus is relatively new and it's spreading fast like juicy gossip in middle school. To give you an idea of how fast it's spreading, consider a report by spam filter AppRiver. It reported quarantining 56.6 million spam emails in October and CryptoLocker was the most prevalent virus out of the bunch. Meanwhile, other antivirus companies are reporting that they're seeing thousands of new CryptoLocker infections every single day.
CryptoLocker isn't limited to the private sector; even government computers have been breached with this malware. Take, for example, a police department in Massachusetts that was infected in September by CryptoLocker. It ended up shelling out $750 worth of Bitcoins (an untraceable online currency) to the hackers.
Beware of Phishing Scams
As with most malware, email is the biggest culprit in spreading CryptoLocker. Hackers prefer to spread CryptoLocker by using phishing scams. With phishing scams, a virus will be sent to an inbox in the form of an attachment, usually as a .ZIP file. Unlike normal spam that's blocked by your spam filter, a phishing email will often use deception to get the victim to open and download the attachment. For example, one of the most successful email phishing scams responsible for spreading CryptoLocker is disguised as a message from a parcel delivery service regarding a package that you may or may not be expecting.
Upon download, CryptoLocker will immediately begin encrypting the files on your hard drive. This malware can trick even knowledgeable PC users because the attachment uses a double extension, which means that the infected attachment looks like a trusted .PDF or .DOC, but it's really hiding its true .EXE identity. CryptoLocker can also spread via pop-up advertisements on malicious websites, bogus social media games, and more. Schooling your employees on what to look for when browsing and downloading from the Internet will go a long way in keeping your business safe from CryptoLocker.
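The double-extension trick described above can be caught at the mail gateway before a user ever sees the attachment. The following is an added example, not part of the original post: it lists the members of a .ZIP attachment and flags any whose final extension is executable while an earlier one looks like a document. The extension sets, function names, and sample file names are assumptions made for illustration, and the check is generalized beyond .EXE to other executable extensions.

```python
import io
import zipfile

# Assumed extension sets for this example; extend them for your environment.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}
EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}


def is_double_extension(name: str) -> bool:
    """True if the last extension is executable and an earlier one is a decoy."""
    # Keep only the file name; Windows ignores trailing dots and spaces.
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ").lower()
    # Strip each part so space padding ("doc      .exe") cannot hide the decoy.
    parts = [p.strip() for p in base.split(".")]
    if len(parts) < 3:  # need name + decoy + real extension
        return False
    final = "." + parts[-1]
    earlier = {"." + p for p in parts[1:-1]}
    return final in EXEC_EXTS and bool(earlier & DECOY_EXTS)


def scan_zip(data: bytes) -> list[str]:
    """Return member names in a ZIP attachment that use a double extension.

    zipfile.BadZipFile propagates on purpose: an unreadable archive should be
    quarantined by the caller, not treated as clean.
    """
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [n for n in zf.namelist() if is_double_extension(n)]


def build_sample_zip() -> bytes:
    """Constructed sample: harmless placeholder bytes under test file names."""
    names = ["Tracking_Notice.pdf.exe", "invoice.doc      .exe",
             "report.final.pdf", "setup.exe", "readme.txt"]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for hit in scan_zip(build_sample_zip()):
        print("double extension:", repr(hit))
```

A plain `setup.exe` is deliberately not flagged here because it does not disguise itself; blocking all executables inside archives is a separate, stricter policy.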
How Can You Stop CryptoLocker?
In addition to using safe browsing habits to prevent a CryptoLocker infection, you will also want to make sure that you have a strong network security firewall in place. Macro Systems' Unified Threat Management (UTM) tool comes with a firewall designed to protect complex business networks. Additionally, UTM can protect your company with content filtering, which blocks employees from visiting malicious websites.
The best defense against CryptoLocker is to back up your data. Our Backup and Disaster Recovery (BDR) solution is up for the task because it will automatically back up your data throughout the workday. If you happen to find yourself locked out of your PC due to CryptoLocker, then you can tell the hackers to go take a hike and revert to a previous backed-up version. As bad as CryptoLocker is, it's no match for BDR.
CryptoLocker is one of the worst pieces of malware that we've seen in quite a while, but you don't have to be afraid of it. At Macro Systems, we have your back. Give us a call at 703-359-9211 to receive a free network audit that will find vulnerabilities where viruses like CryptoLocker can penetrate. Also, be sure to ask us about our managed IT services that allow us to monitor your system remotely so we can catch and fix infections like CryptoLocker before they disable your network. Call us today and don't become CryptoLocker's next victim!