What to Know About Cryptolocker Virus

crashAttention Readers! A new virus has been discovered that could potentially threaten your personal or company computers! Please take a quick glance below at this e-mail excerpt provided by ITSolutions/Currie, a well known local IT business located in Central Valley area of California.

What is this new virus?

It is known as Cryptolocker, and it targets Windows based systems. Cryptolocker falls into the class of malware known as ransomware. Ransomware prevents you from being able to use or access some part of your computer or data unless you send money to the extortionists.

What makes Cryptolocker a special concern?

Once your computer is infected, Cryptolocker looks for and encrypts the most commonly used file data types on your system, rendering them inaccessible. Worse, it also looks for files on any network shares (data on your file server) that you have access to and encrypts them as well. It has crippled entire businesses.

Can the data be unencrypted?

Even if you take your computer to a specialist and have Cryptolocker removed, the affected data remains encrypted and inaccessible. The only currently known method for unencrypting is to pay the extortionists the ransom – a risky move at best. Interestingly, the hackers have unencrypted enough systems for many victims to want to take a chance and send the ransom, thus increasing the hacker’s cash flow.

How would I know if I am infected?

Cryptolocker silently works to encrypt your data in the background. Once completed, it presents a splash screen listing instructions for how to get your data back. The original version demanded a $100 payment. Newer versions have increased to $300. There is also a countdown timer. If the timer reaches zero, the data is permanently lost – even if you pay the ransom.

<div>

</div>

Will my antivirus software protect me?

At this time, antivirus companies seem to be having difficulty stopping an initial infection, detecting the problem only after it is too late. How do I get infected? We are seeing two primary methods of attack: malicious email attachments and compromised websites. Email attacks are exceptionally common, and most of us are wary about opening attachments. Nevertheless, this is one of the most successful methods of infection. Compromised websites are a bit trickier. If your computer visits a website that is controlled or has been hacked and your system doesn't have the latest security patches installed, the hackers can silently install anything they like – including Cryptolocker.

How can I protect myself?

This is really the most important question. Here are a few things you can do: • Be sure your antivirus software is as up-to-date as possible. • Ensure that your computer has all of the latest security patches. This includes Java, Adobe Flash, and Adobe Reader, as well as all of the Microsoft components. • Avoid opening email attachments you are not expecting or that are not 100% sure are from a legitimate source. • Make regular backups and store them separate from the computer. This last part is important. If your backup is attached to your computer (via USB or otherwise), it could get encrypted by Cryptolocker along with your data.

Proactive planning is the best protection! Talk to one of our expert engineers or account managers today about getting you and your business a proper disaster recovery plan. Don’t get locked out!