By Leo Marquis, NDS VP of Field Engineering
Volumes have been written about the Cryptolocker (AKA ransomware) virus, but here is what you need to know.
What is it?
Trend Micro defines it as: Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their systems, or to get their data back.
Where does Ransomware come from?
It can enter your PC through an email attachment or through your browser if you happen to visit a website that is infected with this type of malware. It can also attach itself to your PC if the intruder has penetrated the network.
How do I avoid Ransomware?
- Secure and maintain all aspects of your IT infrastructure:
- Invest in a business class firewall
- Ensure all Microsoft patches are kept current
- Invest in a robust anti-virus solution
- Limit Internet access to necessary sites and absolutely minimize “surfing the web”, including web-based email (e.g. Yahoo, Hotmail, etc.)
- Avoid opening any email attachment that you were not expecting
- Watch out for emails with attachments that urge you to reply quickly or ‘act fast’, so that you feel compelled to open the attachment without considering the source
Best defense after infection?
If your organization falls victim to ransomware:
- You can pay for the key to decrypt and recover your files (never a good idea)
- Call your IT administrator to scan and remove the virus from your systems and use your most recent BACKUP to restore your files.
- After all the deterrent technology has been put in place, the greatest risk to your business comes from your own keyboard — educate and train all personnel to be alert and cautious.
- Always maintain current backups that are EXTERNAL to your network (e.g. backup disks that are kept off-site and/or a professional off-site backup program such as NDS’ EBM backup service).