Cryptolocker – What you need to know…

A dangerous new virus is spreading quickly all over the internet. It’s called CryptoLocker, and this one is particularly nasty.

What are the risks?

  • CryptoLocker is destructive. CryptoLocker modifies your important files, rendering them unusable through encryption. The files can’t be un-encrypted without paying, and the price keeps going up. When the virus was first identified, the going price was $200-300. It’s now ballooned to over $2000. And you only get a short window to pay before the key to unlock your data is thrown away.
  • The virus attacks office documents and images. It also has the ability to infect database files, such as those used in some dental software.
  • It will spread over the network, meaning it can spread from a workstation to a server, or into your online storage services (such as Dropbox, Google Drive or Amazon Cloud Storage).

How do I prevent it?

  • Most anti-virus programs (as of right now) are incapable of stopping the virus before it begins its dirty work. It’s up to you to help ensure it doesn’t make its way onto your system:
    • Be very careful with email attachments. Right now, a known infection method is emails (with attachments) that might have subjects that seem legit. Examples are: “information regarding your shipment/order”, an “efax” or “payroll information”. Check out our tips on how to handle email attachments.
    • Update Java to the latest version.  The only site you should visit to do so is www.java.com.  Any other sites may trick you into downloading illegitimate software.  See our blog post for a step-by-step.  We can always take care of it for you, quickly and remotely if you need us!
    • Let us know if you think you are infected with any sort of malware or spyware.  Infected systems have a compromised “immune system”, making it easier for the bigger, badder infections to take hold.

What do I do if I’m infected?

Please let us know as soon as possible. The sooner it’s addressed, the better the chances of mitigating the damage.

  • Turn it off immediately!  The virus will continue to encrypt any files it can while the infection is present.  Any removable drive that was connected to the PC may also be infected.  Place items like USB sticks or camera memory cards aside if they were inserted into the PC when it was infected.  Make a note of the countdown time and how much time remains.
  • Be prepared to start from scratch.  Any infected computers will likely need to be restored to factory settings, and all applications reinstalled.  Depending upon your backup method(s), restoring files from a secure backup may be possible.
    • Online backups may offer restoration, as long as they support versioning. This means there are backed-up versions of files from before they were infected. Healthy IT backup has versioning enabled by default.
  • The last resort is to pay the ransom.  This has been reported to work and restore files to an unencrypted state.  But how can you trust there isn’t some back door or something left on your PC that identifies it to the virus authors?  And paying them is basically just an investment into making the next variant even worse.

We can help!

Contact us if you’d like us to perform updates or health checks on your systems. We can perform removals if you think you are already infected with any type of malware. But as medical professionals, we know you understand the power of prevention, so let’s stop this one in its tracks.
