Today, just having anti-virus software on computers is not enough. Sure it stops a whole lot of nasty things from infecting your computer, but it doesn’t stop everything. In the last couple of months, a number of our customers have had the joy of finding out about ransomware, often the infamous CryptoLocker.

What is CryptoLocker?

CryptoLocker was a ransomware trojan that targets computers running Microsoft Windows and believed to have first been posted to the Internet on 5 September 2013. CryptoLocker propagated via infected email attachments or hyperlinks within emails. When activated, the malware encrypts certain types of files stored on local and mounted network drives using a unique key stored only on the malware’s control servers. The malware then displays a message which offers to decrypt the data if a payment (through either Bitcoin or a pre-paid cash voucher) is made by a stated deadline, and threatened to delete the private key if the deadline passes. If the deadline is not met, the malware offered to decrypt data via an online service provided by the malware’s operators, for a significantly higher price in Bitcoin.

The challenge is that often critical business files are kept on local desktops and not backed up frequently (or ever!) and so they can be lost forever.

What can I do to stop Ransomware?

If you receive email from a random person, that you do not recognise, do not open the email. If the email is not opened, the ransomware can never begin its work.

OK, so I opened an email, am I infected?

Not necessarily, but if you think you are, immediately shut your computer down and disconnect it from the network. Then call your IT Managed Services Provider.

Insight IT (sadly) has a lot of experience with ransomware, contact us if you want to discuss this or any other Security based issue.