Thursday, November 28, 2013

Are You Ready for CryptoLocker?

Imagine this: you roll up at your office one morning, press the boot switch on your computer and head to the coffee room while it boots. On return to your office a message on your computer screen tells you that critical files on your computer have been encrypted and are no longer available.

Continue here ...
Further, the message says, to have them decrypted you will need to pay $300 to an online site. If you don't pay within a specified time, the price will increase substantially. Bugger!

What do you do?

Option One:

Does your small business have an IT department whom you can call to fix the problem? If so, are you sure they can unencrypt your files and remove the malware? Even if they do remove the malware, it's very unlikely they will be able to decrypt the files. So, you are back at square one.

Option Two:

You don't have an IT department, but you have an IT consultant whom you can call to fix it for you ... all at the base rate of $90 per hour. Your consultant tells you what everyone knows ie, he can rid the computer of the virus but can't decrypt the files. Back to square one again.

Option Three:

Pay the $300 requested by the criminals running the malware and carry on working. Bad idea. Can you trust the word of a criminal to decrypt and return your files to their original condition? Can you be sure they won't do the same tomorrow, next week or next month now that they have found a paying sucker? Don't reward criminals for their criminal endeavours.

The Solution

As with many of these challenges, the only real solutions are prevention or a contingency plan that works.

At present, only one commercial product claims to be able to prevent CryptoLocker from gaining a foothold on your hardware. That is PC Matic. If you have PC Matic installed on your computer, apparently it will protect from the polymorphic type of virus like CrytoLocker. I use PC Matic but have no knowledge of it having prevented CryptoLocker attacks so I can't comment further in that regard.

I expect that other anti-virus software providers have programmers beavering away at this very minute trying to come up with marketable solutions, but they apparently aren't available as I type.

A contingency plan could include both prevention and using offline backup. By using an external hard disk, you could backup your computer data and then disconnect your hard disk. This would allow you to restore any files that had been encrypted after a CryptoLocker attack. I use an external hard disk for backing up my computer and have been doing so for several years.

Conclusion

Whatever action you take to protect your data, you need to do something and do it now. Computer experts tell us that CryptoLocker will be all the rage in 2014 and that millions of people will be victims of this pernicious malware.

Robin

2 comments:

  1. Wow, interesting information -- I didn't even know about that. Nice blog

    ReplyDelete
  2. Thanks for taking the time to comment Sally. CryptoLocker looks like being a huge impediment to those of us who use computers ... almost everyone.

    ReplyDelete

Thanks for commenting. Comments with inappropriate content or spam will not be approved.