Can You Protect Your Business from CryptoLocker Ransomware?

How can you avoid becoming a victim? There have been numerous news stories about the computer ransomware known as CryptoLocker, which has earned its creators $30 million since its September 2013 release.  Also known as malware, CryptoLocker installs on a computer via an infected link in an email. These emails appear to be from reputable companies with content that encourages the reader to make a quick decision to click on the corrupt link.  Once clicked, the malware loads onto the computer and locks down all the system files. CryptoLocker targets the most common files used in everyday business like Word and Excel.  A message appears asking for $300-$500 to unlock the system, along with a warning indicating any attempt to remove the malware will make the files unrecoverable.

Among the many CryptoLocker victims are doctors’ offices, city halls, police stations and law firms, including the one featured in the video below this article. A Charlotte, N.C. TV station WSOC-TV interviewed a small law firm, detailing how CryptoLocker scrambled the firm’s server and locked up all of its electronic files. EZShield recommendation: watch this interview to see how easily this harmful malware can get into your business server or PC and lock you out of your system. Video synopsis: The law firm discusses how its IT department attempted to clean out the malware, which failed. The firm finally decided to pay the ransom to unlock their files.  Unfortunately, the criminals knew the firm had tampered with the malware so they would not accept payment to unlock the files. What can you do to protect your PC from malware like CryptoLocker?

  • Check your back up system. Does it allow you to restore all your files?
  • Back up your system to an offline hard drive and store it securely (such as in a bank safe deposit box) and keep a second hard drive back up so you always have one on hand.
  • Make sure you are the one to take the hard drive to the bank.  Do not allow anyone else access to it.
  • Make your employees aware that clicking on links within emails can be dangerous.  Your data security policy should include action steps for your employees to take when they receive emails with embedded links.
  • Change passwords often, including passwords used by employees that have access to your system.
  • If your system becomes infected, unplug the initially impacted PC immediately to disconnect it from your network.
  • Call the police and report the incident.
  • Don’t pay the ransom. Paying doesn’t guarantee that the criminals will unlock your files nor does it mean the criminals won’t do it again.

The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.

Eugene is the Director, Technology and Security of Sontiq, the parent company of the EZShield and IdentityForce brands. He oversees the architecture of the...
Read more about Eugene Bekker.

Leave a Comment.