It’s always a few bad eggs that spoil it for the rest of us.
CryptoLocker, the latest malware to spread rapidly across the web, is infecting computers globally by encrypting all of the most important files on a victim’s computer (files, documents, pictures, music, etc.), as well as any files on attached or networked storage systems.
The virus installs a 72-hour countdown clock on the victim’s desktop, demanding they pay a ransom if they want to get their files back.
“Ransom charging software is not something new, but it used to be easier to remove because it would just lock you out of your computer,” says the Pixafy DevOps Engineering team. “But this new variant encrypts your data, making it nearly infeasible to break. Uninstalling CryptoLocker itself doesn’t enable you to recover your data.”
Typically spread through emails with attachments designed to look like they came from legitimate sources, CryptoLocker is a zero day threat that exploits a previously unknown vulnerability in a computer application. When malicious hackers find a security hole in software, they attempt to exploit it before the vendor becomes aware and releases a patch for the problem.
Security issues like these should be taken very seriously. As a website development company who relies on a bank of PC’s for day-to-day functionality, desktop security is always top of mind at Pixafy. Not only do we want to protect ourselves, but we also want to make sure our clients are prepared for security threats.
“For combating ransomware like CryptoLocker, the best thing you can do is have a copy of your data that is not connected to your computer,” says the Pixafy DevOps Engineering team, “like on an external hard drive.”
It’s common practice for companies to have backup protocols for their data, including the physical location of where it is stored.
“It’s also smart to keep your backup data in a different location,” says the Pixafy DevOps Engineering team. “If there happened to be a fire in your office or something of that nature, this would be another guaranteed way to keep your data safe.”
Like many before it, CryptoLocker is often spread through malicious email attachments, which leads us to another (and probably more obvious) security measure precaution – do not open an attachment that you are unfamiliar with.
“Even if you get an email from someone you know, be sure that you are expecting an attachment,” says the Pixafy DevOps Engineering team. “Many scammers hack into users’ email accounts to send malicious attachments to their contacts.”
So stay alert, backup your data, and always be conscious of what kind of files you are opening in an email.
