My phone rang early Thanksgiving morning; on the other end a scared customer. He received a notice on his computer that all his files were encrypted and to make them functional he would need to pay $300.00. I had to break the discomforting news on Thanksgiving day.
The CryptoLocker ransomware is extremely serious and has no solution for removal. Unlike prior types of viruses and attacks that merely threaten, this one actually follows through and encrypts files. Once encrypted the only out is to pay the bad guy.
We started seeing this virus about three months ago. At that time it hadn’t hit the news that all data was truly encrypted. The first handful of infected machines which came through the door required a back up and reload. The problem we ran into was the data was locked and not usable.
CryptoLocker is taking down machines throughout the world – and very fast. You may have read about the Swansea police department paying $750.00 to unlock their computers. This is the virus they were hit with.
CryptoLocker infects computers by sending out fake emails. It is truly a bot and uses infected computers to infect others. Once it’s on the computer it starts encrypting files at such a high encryption that it’s not reasonable to manually decrypt them. Encryption is normally used to protect sensitive data, in this case it’s used to hold your data hostage.
This threat is peculiarly mean in that it infects computers across a network. I’ve read several stories of large offices and colleges getting taken down due to CryptoLocker. In case one of your computers gets the CryptoLocker virus you should immediately disconnect it from the network.
So, I’ve given you enough information about how dangerous this virus really is. What I haven’t given you are tips on how to prevent the CryptoLocker virus in the first place. After all, prevention is the best medicine.
I can’t state enough how a good backup strategy is key to preserving data. As I’ve stated countless times, your external backup hard drive should only be connected while you’re backing up your data. If the computer becomes infected with this virus your data is safely tucked away on a separate device.
A handful of companies have created prophylactic utilities to prevent infection. One of my favorites is included with the pay version of Hitman Pro. Anytime it senses bot activity it warns the user and asks if you want the program to run. If not, it disinfects the machine.
BitDefender Anti CryptoLocker is a pretty neat product; however, it’s part of paid suite of virus protection software. I’ve never been a huge fan of BitDefender but believe this to be a worthwhile product. Basically this software monitors and prevents the installation of CryptoLocker as well as not allowing communication with the encryption server.
Free is always a good thing. I personally run the free CryptoPrevent tool from FoolishIT.com. It’s a relatively small file and took only a few minutes to install. Rather than actively scan for malicious files it turns off windows services and components normally targeted by CryptoLocker.
The final question is what to do after you’ve been infected. If you have the money and the files are valuable enough, then simply paying and moving forward with life seems like the best choice. There are no other reasonable solutions except reloading the operating system. If you miss the 72 hour window the company offers a late payer option for only $2,000.00 which is not completely guaranteed.
(Jeromy Patriquin is the President of Laptop & Computer Repair, Inc. located at 509 Main St. in Gardner. You can text him directly at (978) 413-2840 or visit www.LocalComputerWiz.com.)