What is Crypto-Locker?
There is a lot of buzz going around about Crypto-Locker and how it is possibly the worst malware ever. Media reports state that the program attacks and restricts access to the computer system it infects, then demands a fee or ransom in order for the restriction to be unlocked.
The security threat can be activated if just one person in your organization clicks on a suspicious email attachment, social media site, website, etc.
How it Works
The way it works is, once you click on the ‘payload’ button, the Crypto-Locker scans all your local hard drives and randomly begins encrypting files and documents. It does this fairly slowly so that it has time to spread to other machines which may have access to other shared server data.
The tricky thing about the malware is that it does not encrypt program files so computers can usually boot properly and programs can continue to operate so users won’t immediately notice what happened.
After the encryption process is completed, a ransom message will appear outlining that users have 72 hours to pay $300 or the encryption keys will be destroyed. Once the payment has been made, the program should start decrypting files; however, the servers that do the decrypting are usually offline most of the time so the majority of users making the ransom payment won’t get their files decrypted effectively, if at all. There is also almost no way to get your money back without filing a complaint with the FBI. One way to protect against this cyber-attack is to maintain quality anti-virus and malware software. In this particular case, most of the top anti-virus solutions still aren’t reliably detecting this before encryption occurs and this malware will inevitably morph again to become undetectable.
Recent statistics show that 80 per cent of businesses fail within the first year of total data loss. Having a proven backup and recovery strategy is essential.
Contact us today if you would like a review of your Backup, Business Continuity, or Disaster recovery strategies.