If you keep up with news on ransomware, you may have heard of Cryptolocker.
After infecting your computer, it locks your files, and extorts money to return your valuable data to you.
Apparently, one in 30 have encountered the malware and about 40 per cent have paid the perpetrators to recover their data.
Cybercriminals may demand anywhere from a few hundred dollars to a few thousand.
How does Cryptolocker infect your system?
The modus operandi is straightforward : the Trojan is disguised as an email from a seemingly reputable source. When you click on the attachment or link, the Trojan runs on your computer, and locks your files, documents, database and PDFs. It achieves this by hiding the extension from file names to pass off as the real .EXE extension of the malicious file.
In a nutshell, Cryptolocker saves itself to a folder in your profile; adds a key to the registry so that it can run each time you switch on your computer; and generates two process : locking your data, and ensuring that the locking is not terminated.
What can you do to prevent a Cryptolocker attack?
At DB Computers, we offer IT Support Services to a broad range of clients, from start-ups and SME’s through to several hundred employee manufacturing sites, corporates and multinationals. Accordingly, we have experience in solving these kind of problems.
The biggest defense against Cryptolocker is to implement a data backup plan.
Ideally, you should be backing up your files everyday. A robust backup system will serve as a good contingency measure even in the event of hardware failure or natural disasters.
Avoid clicking on links or downloading attachments from suspicious emails. Check if you recognise the sender or if the mail has been sent from a reputable source.
Here are some ways to identify suspicious emails:
- The brand name is spoofed in the display name
- The email message has several grammatical errors
- The subject line may be deliberately written to create a sense of urgency or it may use threatening language
Additionally, please ensure preventative measures are in place, such as:
- Using a good antivirus software that has an email scanning feature
- Strong anti-spam filtering software
- Make sure there is a firewall in place
It is recommended that you sign up with a managed service provider who can assure the security of your systems from time to time. DB Computer Solutions offer IT Services in Limerick, Cork, Galway, and Dublin.
What if your system is infected with the virus?
- Immediately disconnect the infected computer from the network, by turning off wifi or unplugging ethernet cable from PC
- Do not pay up the ransom key straightaway, as it may be possible to recover your files should you have a good backup system in place
- If you are unsure whether you have a good backup system in place, contact your local IT experts to determine if the virus has caused any damage
If you have any questions or you think you may want a second opinion on your anti-virus email us: email@example.com or call DB on 061 480980