5 Steps to Protect Yourself from CryptoLockers
5 Steps to Protect Yourself from CryptoLockers
CryptoLockers are one of the most serious security threats on the Internet today. Being infected with a CryptoLocker can seriously impact your business, crippling your systems and rendering them inaccessible. CryptoLockers are complicated multi-layered threats so protecting your network and computers from them is not simply a case of installing anti-virus software. itro has identified four steps you need to follow to protect yourself from CryptoLockers and ensure your cyber security.
What is a CryptoLocker?
A CryptoLocker is a type of trojan or virus known as ‘ransomware’. Ransomware threats are becoming more and more widespread across networks every day. CryptoLockers trick a user into running a file which will launch the ransomware. In most instances, the victim receives an email with a password-protected ZIP file purporting to be from a real company. Often the emails are so convincing so they catch out tech savvy people, who are trained to notice IT risks!
The CryptoLocker uses Windows default behaviour of hiding an extension from file names. Without seeing the file extension you feel safe opening a file, having no idea of the danger. It is first executed when a user opens an email attached ZIP file and, when prompted, enters a password that is included in the message of the email. This opens the ransomware file and it spreads from there – you won’t even know what has happened.
These viruses are able to evade most anti-virus and malware protections due to their ability to exploit legitimate and trustworthy actions such as file sharing. itro have resolved many infections at different organisations and, whilst we’ve been able to recover the client’s data each time using their secured backups, the infection has caused business downtime, lost productivity and lost income.
As soon as a victim runs the ransomware, it goes into the memory on their computer and takes the following actions:
- modifies the system registry to launch itself every time the computer boots up; and
- launches processes to protect itself from being deleted or terminated.
CryptoLocker malware will start encrypting all the files it can see from the infected PC. Unless you have taken steps to protect yourself BEFORE an attack, the only way to decrypt your files is to pay the ransom to the distributor of the malware. Hence the term ‘ransomware’. Even when paying a ransom results are uncertain and supports criminal activity. itro is against paying any sort of ransom.
How to avoid CryptoLocker
Remove the worry of being held to ransom for your own data. Follow the four steps identified by itro now, and protect your organisation and your PC from CryptoLockers!
This malware spreads via email by utilising social engineering techniques so the best defence is well-trained users who exercise caution with email attachments they receive.
The Five Steps to Protect Yourself from CryptoLockers:
- Stop it from reaching your ‘front door’. Ransomware threats are usually spread via email so use a Cloud-based email filtering service to detect the threat before it arrives at your network. itro recommends Mailguard as our preferred Cloud-based Email Protection Service.
- Don’t let it through your ‘front door’. Have a firewall that supports deep level content inspection to prevent viruses from entering your network. itro installs Watchguard firewalls with APT blocker features enabled. These features help prevent the Trojan from penetrating your network.
- Stop or slow down the spread if it gets into your network. Employ best-practice password policies and have a top-level Anti-Virus Security Suite, such as Webroot. A good password policy can stop a Cryptolocker in its tracks and gives the Anti-Virus suite the best probability of detecting and preventing the ransomware early before it infects and encrypts your PC or, even worse, your entire network.
- Restore your data. A secure Backup Solution is the last resort to recovering your files in the case of infection. Have a ‘snapshot’ backup that runs continuously throughout the day to a destination that is NOT on your internal network. itro implement comprehensive Backup and Disaster Recovery solutions utilising ShadowProtect software on exclusive itro managed Cloud Servers that will hold your data securely in an off-site location.
- Upgrade your computers to Windows 10, as there are numerous security improvements to the operating system that are not available in earlier versions of Windows.
Ransomware poses a significant and tangible threat to your business, but implementing the above four steps will minimise your likelihood of being infected with a CryptoLocker.
Please remember a first-rate Backup Solution is and always has been, the best practice to protect yourself losing your files. A quality Backup Solution will ensure that, no matter what happens, you will be able to restart your business quickly and cost-effectively.
If you’re not sure if your business is protected against a CryptoLocker attack call itro and we can provide you with an assessment of your system along with recommendations to secure your data.