CryptoLocker & Ransomware
Businesses these days are facing many risks in the cyber domain starting from email spammers, service outages and the worst one is the CryptoLocker or ransomware.
What is CryptoLocker:
It is a malware that encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware’s control servers. The malware then displays a message which offers to decrypt the data if a payment (through either bitcoin or a pre-paid cash voucher) is made by a stated deadline, and it will threaten to delete the private key if the deadline passes. If the deadline is not met, the malware offered to decrypt data via an online service provided by the malware’s operators, for a significantly higher price in bitcoin. There is no guarantee that payment will release the encrypted content.
How to avoid CryptoLocker
This malware spreads via email by using social engineering techniques. Therefore, our recommendation is:
- Being particularly wary of emails from senders you don’t know, especially those with attached files.
- Backup your data regularly.
- Patch or Update your software
- Use the Cryptolocker Prevention Kit and security suites.
- If you become infected and don’t have a backup copy of your files, our recommendation is not to pay the ransom. That’s NEVER a good solution, as it turns the malware into a highly profitable business model and will contribute to the flourishing of this type of attack.