What is the most important thing you need to know about CryptoLocker and other types of ransomware?
When it comes to malware, it is better to be safe than sorry. We recommend you always assume the worst so that you are prepared to tackle impending threats. Tackling spyware and viruses should be a major concern for any organization and its cyber security. In this blog we will take a quick look at the background of CryptoLocker and, more importantly, how it can be avoided.
Background Information about CryptoLocker
As mentioned above, CryptoLocker is just one of the many forms of ransomware that can threaten any organization it infiltrates. This virus is spread through email attachments, which, once opened, can make your computer prone to phishing attacks. Be on the lookout for a ZIP file that is protected by a password, supposedly from a company in the field of logistics, like FedEx or UPS. Other common approaches are made to look like they come from your bank or financial institution. Sometimes it is as simple as a file that looks like an attached resume or invoice. Once the Trojan is opened, it will automatically run. As soon as this happens, it works to steal information stored in your computer. Once it is done with the encryption of the files, you will be asked to pay a ransom. Once payment is settled, you are supposed to get back all of the files that have been stolen. This makes it clear that its business model is extortion. If you are unable to pay by the time specified, it will be stored online, and you can still pay a ransom, but at a higher amount and in the form of bitcoin.
How to Avoid CryptoLocker
Given that it can be a significant threat to your cyber security, it is important to make a conscious effort to avoid the problem. The following are some of the best things that should be done.
- Have an Endpoint Security Solution: This is perhaps one of the best ways to defend yourself from anything that can be a threat to your computers. A multifaceted solution is needed for extensive protection. However, it does not end with installation. Configuration and maintenance will also be necessary. Make sure that they are updated with the most current files to be confident about the protection that they can provide not only from Trojans but from other threats as well. You should find a security suite with an established reputation. It may be costly, but this should be seen as an investment to ensure the best when it comes to cyber security.
- Educate your Employees: Education is the key to avoiding CryptoLocker. You need to disseminate information about the virus, how it is spread, and what can be done to avoid it. Make sure employees are taught about how to spot phishing attempts. They should be careful when opening emails, especially those from unknown senders. Later, we will deal with the specifics of how to recognize possible phishing attacks and the right thing to do.
- Scan and Filter Emails: This is one thing that can be easy, provided that you have the right programs installed. Recent advancements have made it possible for emails to be automatically filtered as they are received, minimizing the likelihood that your employees will end up opening emails with threats.
- Update All Software and Systems: This is especially true when it comes to Microsoft. An updated operating system is less susceptible to the threat. Every update adds a layer of security to minimize the possibility of being infiltrated by a virus.
- Create Backup of Your Files: This measure does not directly address avoiding the virus, but it gives you the assurance that you will still be able to access your files in case your computer has been infiltrated by this ransomware and you are unable to pay the amount that they are trying to extort.
- Restrict Access to Files: By doing this, you are also lessening the likelihood of being penetrated by a virus. The granting of administrative privileges should be limited. Access control settings should also be reviewed.
- Do not Pay the Ransom: It may seem tempting to pay the ransom, especially if your business has the financial resources. However, by making the payment, you are only tolerating the virus and encouraging the perpetrators to keep going. Worse, even after paying, there is no guarantee that you will be able to regain access to your files. Instead, you should deal with how the impacted system and the threat can be removed from your computer. You can restore the files that have been lost through your backup, provided that you have the latter.
Recognizing Phishing Emails
CryptoLocker will not pose any danger to your computer if it is not opened, so it is very important that employees are trained on how to recognize phishing emails. Here are some tips on how to recognize the different types of phishing emails.
- Emails that look like they have been sent by a recognizable entity
- Emails from people claiming to be stranded in a foreign country and asking for help
- Emails claiming to be from established news organizations or media outfits
- Emails saying that you have encountered billing problems
- Emails containing deceptive promotional content
- Emails that appear to be sent by high-ranking executives
- Emails warning you of a virus infiltration
Meanwhile, here are some of the red flags that indicate a phishing attack:
- Requesting personal information, including usernames and passwords
- Using generic greetings instead of your name
- Containing poor grammar or spelling errors
- Asking you to make an immediate action
- Having spoofed or unrecognizable links
When you receive a phishing email, which can potentially carry ransomware, do not open any attachment, even if the content says that you have to take action as soon as possible. Also, do not click on any link included in the body of the email. Do not reply. Delete it as soon as possible. Report the problem immediately to the IT department or to anyone who is knowledgeable about handling potential attacks.
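The red flags above, together with the password-protected ZIP attachment described in the background section, can be checked automatically before a message reaches an inbox. The following is an added example, not code from the original post: the regular expressions, the flag names, the `example.com`/`example.net` hosts and the sample message are all constructed for illustration, and the checks are heuristics rather than a complete filter.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from urllib.parse import urlsplit
TEXT_FLAGS = {  # heuristic wording chosen for this example (an assumption)
    "generic greeting": re.compile(r"\bdear (customer|user|client|sir|madam)\b", re.I),
    "demands immediate action": re.compile(r"\b(immediately|urgent|as soon as possible)\b", re.I),
    "requests credentials": re.compile(r"\b(password|username)\b", re.I),
}
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>([^<]*)</a>', re.I)
HOST = re.compile(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", re.I)

def encrypted_zip(data):
    """True if any ZIP member has general-purpose flag bit 0 (encrypted) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            return any(i.flag_bits & 0x1 for i in z.infolist())
    except zipfile.BadZipFile:  # attachment is not a ZIP archive at all
        return False

def spoofed_link(html):
    """True if an anchor's visible text names a host other than the one in href."""
    return any((m := HOST.search(text)) and m.group(1).lower() != urlsplit(href).hostname
               for href, text in LINK.findall(html))

def red_flags(raw):
    found = set()  # names of the red flags seen in one raw RFC 5322 message
    for part in message_from_bytes(raw, policy=policy.default).walk():
        if part.get_filename() and encrypted_zip(part.get_payload(decode=True) or b""):
            found.add("password-protected ZIP attachment")
        elif part.get_content_maintype() == "text":
            body = part.get_content()
            found.update(name for name, rx in TEXT_FLAGS.items() if rx.search(body))
            if part.get_content_subtype() == "html" and spoofed_link(body):
                found.add("link text does not match target")
    return found

def sample_message():
    """Constructed sample; the ZIP is only flagged as encrypted, not really encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("label.txt", "constructed test data")
    data = bytearray(buf.getvalue())
    data[data.rfind(b"PK\x01\x02") + 8] |= 0x1  # set flag bit 0 in the central directory
    m = EmailMessage()
    m.set_content("Dear customer, confirm your password immediately.")
    m.add_alternative('<a href="http://tracking.example.net/x">www.example.com/track</a>', subtype="html")
    m.add_attachment(bytes(data), maintype="application", subtype="zip", filename="label.zip")
    return m.as_bytes()
```

Calling `red_flags(sample_message())` returns all five flag names. A mail gateway cannot scan inside a password-protected archive, which is why the encrypted bit alone is worth quarantining on.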
CryptoLocker can be a significant threat to any organization. It is therefore important to pay attention to the measures identified above to minimize the impact of a potential ransomware attack.