What is CryptoLocker?
CryptoLocker is a name given to a ransomware trojan. Essentially it is an extortion racket of multi-million dollar proportions.
- A staff member receives an innocent-looking email message with an innocuous attachment disguised as a PDF document (e.g. subject: Daniel Watson job application, attachment: Daniel Watson CV.pdf). There are multiple variants, some of which can be quite sophisticated, using phishing-type attacks to get someone to download the trojan from a web page.
- When the attachment is opened it executes code which sometimes installs a trojan application and sends a request to a Command and Control server for encryption keys.
- Once the keys are received, the trojan gets busy encrypting documents, pictures and AutoCAD files on both the local computer and any network drives the computer has access to, rendering them unusable.
- Then the staff member will get a message advising that their system is encrypted and that if they want their files back they are to pay anything from $500 - $1000.
At that point you have two choices, as the encryption is UNBREAKABLE: pay up and hope for the best, or restore from backup.
The key points to take away are:
- Staff Training - Do they understand the risks of being curious? Have you given any training on being safe on the internet?
- IT Security requires Multiple Layers: Antivirus + Web Filtering + Unified Threat Management Firewalling - not just set and forget, but managed and monitored to minimise exposure & risk.
- Secure Offsite Backups - are your files backed up and sent offsite? Think of the 3:2:1 rule: 3 copies, 2 formats, 1 copy offsite. We have cost-effective methods for backing up both your PCs and servers into the cloud as the ultimate DR strategy.
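
As an added example (not part of the original article), here is a filename check a mail-filtering layer could apply to the kind of disguised attachment described in the first step. The extension lists, the reason labels, the sample filenames and the function names are assumptions made for this illustration.

```python
import unicodedata

# Assumed lists (not from the article): extensions a filter treats as
# executable, and document extensions a lure commonly imitates.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "jar", "lnk"}
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}
# Unicode bidirectional controls that change how a filename is displayed.
BIDI_CONTROLS = {"\u202a", "\u202b", "\u202d", "\u202e", "\u2066", "\u2067", "\u2068"}


def attachment_findings(filename):
    """Return the reasons an attachment name looks disguised (empty list if none)."""
    findings = []
    if any(ch in BIDI_CONTROLS for ch in filename):
        findings.append("bidi-control-character")
    # Remove invisible format characters, then the trailing dots and spaces
    # that Windows ignores when it resolves the real file type.
    cleaned = "".join(ch for ch in filename if unicodedata.category(ch) != "Cf")
    parts = [p.strip() for p in cleaned.rstrip(". ").lower().split(".")]
    if len(parts) < 2:
        return findings  # no extension at all
    final_ext, earlier = parts[-1], parts[1:-1]
    if final_ext in EXECUTABLE_EXTS:
        findings.append("executable-extension:" + final_ext)
        if any(p in DOCUMENT_EXTS for p in earlier):
            findings.append("document-extension-before-executable")
        if "   " in filename:
            findings.append("whitespace-padding")
    return findings


def triage(filenames):
    """Map each suspicious filename to its findings; clean names are omitted."""
    results = {name: attachment_findings(name) for name in filenames}
    return {name: reasons for name, reasons in results.items() if reasons}


# Constructed sample names for illustration; the first mirrors the article's example.
SAMPLES = [
    "Daniel Watson CV.pdf",
    "Daniel Watson CV.pdf.exe",
    "Daniel Watson CV\u202efdp.exe",
    "invoice.pdf      .scr",
]

if __name__ == "__main__":
    for name, reasons in triage(SAMPLES).items():
        print(repr(name), "->", ", ".join(reasons))
```

A filename check like this is only one layer: a genuine PDF name still passes, so it complements rather than replaces the antivirus, web filtering and backups listed above.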