Cryptolocker Ransomware – What does it do and how can I prevent it?

There is a nasty piece of ransomware doing the rounds at the moment called Cryptolocker.  It’s considered so serious by the National Crime Agency that they have issued an urgent alert because they believe the UK’s small and medium businesses are being specifically targeted.

What does Cryptolocker do?

Cryptolocker is a piece of malware that infects your PC.

Once your machine becomes infected the malware will scan your computer looking for precious data such as word processor documents, presentations, spreadsheets, graphics, databases, etc. When it finds some it will scramble them by using unbreakable encryption. Once your files have been scrambled there is no way you can unscramble them unless you pay the criminals a ransom of about £500. It’s this process of holding your data to ransom that gives this type of malware the name ransomware.

Here’s a screenshot of the dreaded Cryptolocker malware. If you’ve seen this, you’re most likely infected.

Cryptolocker ransom screen

How do I get infected with Cryptolocker?

Usually the malware comes in as an attachment to a phishing email, like one of those fake FedEx, Amazon or bank emails you sometimes see in your inbox.  The attachment may look like a PDF file or similar, but in fact it’s a program file that, once clicked, will install the malware on your computer.  This type of infection is called a Trojan horse.  Currently the malware is not known to spread by itself from computer to computer.
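As an added example (not part of the original article), here is one way a mail administrator could flag attachments that look like a document but are really a program file. The extension lists and function names are assumptions made for illustration, and the check also looks inside ZIP archives, which goes beyond what this article describes.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "jar"}  # illustrative, not exhaustive
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "txt"}  # document-style decoys

def classify_name(name):
    """Return why a file name looks like a disguised program, or None."""
    parts = name.lower().strip().rstrip(".").split(".")
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return None
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "double extension: document name hiding a program"
    return "program file"

def suspicious_attachments(raw_message):
    """Return (name, reason) for each risky attachment, including files inside ZIPs."""
    findings = []
    msg = message_from_bytes(raw_message, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        names = [(name, name)]
        if name.lower().endswith(".zip"):
            try:
                with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                    names += [(name + " -> " + n, n) for n in zf.namelist()]
            except zipfile.BadZipFile:
                findings.append((name, "unreadable ZIP archive"))
        for label, candidate in names:
            reason = classify_name(candidate)
            if reason:
                findings.append((label, reason))
    return findings

def build_sample():
    """Constructed sample: a fake invoice ZIP holding 'invoice.pdf.exe' plus a plain PDF."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.pdf.exe", b"constructed placeholder, not a real program")
    msg = EmailMessage()
    msg["Subject"] = "Your parcel invoice"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application", subtype="pdf", filename="receipt.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for label, reason in suspicious_attachments(build_sample()):
        print(label, "|", reason)
```

A check like this only looks at file names, so it belongs alongside anti-virus scanning of the attachment contents, not in place of it.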

What can I do if I get infected with Cryptolocker?

If your computer is connected to a network the first thing to do is disconnect it straight away. Next, turn your machine off. If you are lucky you may have stopped it in time to prevent the ransomware from encrypting all your data. If you are unlucky and your data has been scrambled you have two options to get your data back:

  • Restore your data from a recent backup.
  • Pay the ransom and hope the crooks will unscramble your data.

This is when you will probably realise the true value of your data backup.

How to prevent Cryptolocker malware.

It’s not enough to assume that you are safe because you have an anti-virus program installed.  Anti-virus software is essential, but it should only ever be used as one layer of your multi-layered approach to security.  Here’s an example: think of your house. You wouldn’t go away on holiday only locking the front door; you’d lock the back door and all your windows, turn on the alarm and ask the neighbours to keep their eyes peeled too.

Here are our top tips for keeping your data safe and secure. As a minimum, be sure to do the following:

  • Keep your anti-virus software up to date.  Anti-virus software can only protect you from malware it recognises.  Since malware is constantly changing, anti-virus software needs to be regularly updated so it can keep up with these changes.
  • Back up your data. You should already be backing up. If not, make backing up your data your very next task!   If you have a backup system in place, make sure it’s working and also make sure you can restore data from it.  A backup system that you can’t restore from is not a backup system. Just to recap: that’s backup, backup, backup!
  • Exercise caution – As a user, the most important thing you can do is exercise caution when deciding to open email attachments.  Since this particular piece of malware is installed by tricking the user, you must be extremely careful when you decide to open an email attachment.  If there is anything that you think is remotely suspicious, don’t open it, and if you have, seek advice ASAP.
  • Update your system – Make sure you have all the latest software updates applied. This includes updates for Windows, Java, Adobe Acrobat Reader, etc.
  • Remove administration privileges – Check your user permissions and make sure administration privileges are not set unnecessarily. If your PC is on a network there are global configuration settings that can be set up to help prevent malware infecting machines.

If you are having problems with a virus or malware or need to sort out a robust backup solution give us a call on 01404 384483 or contact us via our web form