How to reduce the damage done by a CryptoLocker ransomware infection

CryptoLocker is ransomware that is one of the most recent and most disruptive forms of malware. It encrypts the files on the victim’s computer.  The attacker gives the personal decryption key to those who pay the ransom charge before the specified deadline. Those who did not pay end up having any access to their files unless they can have their data restored from the backup.

Although CryptoLocker infection is easy to remove, the affected files remained encrypted in a way that researchers considered unfeasible to break. In essence, the cybercriminals prey on those who do not have a proper data backup, and whose only chance of getting their files back is by paying the crooks the amount averaging $300 value in bitcoins. Some believe that the ransom should not be paid, but did not offer a way to recover encrypted files. Some victims claimed that paying the ransom did not always result in the decryption of corrupted files.

CryptoLocker ransomware is widespread

The first recorded cyberattack using CryptoLocker occurred in September 2013, and it is still going strong – in its own form, and also via spawning multiple “cloned” trojans, sometimes unrelated to the original, yet utilizing the same principle of encrypting the files.

Sadly, CryptoLocker is spreading quickly by way of an e-mail that seems to be a legitimate alert from well-known entities such as FedEx or UPS, since consumers tend to be trusting toward the deliveries notifications.

There is a lot of varying information published online as to the numbers of those who decided to pay the ransom. In a research survey by the University of Kent, 41% of respondents affected by CryptoLocker said that they chose to pay the ransom; Symantec had estimated that 3% of victims had paid the ransom; Dell SecureWorks had reported the estimate of only 0.4% of victims who had paid. Many had been able to recover files that had been backed up, while others are believed to have lost substantial amounts of data. Despite different estimates on the number of those who ended up paying the cyber crooks, it is believed that a total of around $3 million in bitcoin was extorted from the victims.

Minimizing the damage

The ransomware’s displayed a warning to not “flip off the PC or disconnect from the internet,” however, turning the system off right away seems to be the most effective action to take as soon as the message displays. Doing so prevents the virus from continuing to encrypt all your data. If the virus is in the midst of an infection course, you could possibly save some files.

The subsequent step is to think about the harm. What files have been affected? Do you have a backup?

If you happen to do have a backup, rid your laptop of the virus – use your antivirus software program (make sure your antivirus is up to date), and restore your data from the latest backup.

When you’ve restored your backup, don’t open or click on links in any suspicious or not that suspicious emails – remember, they may look legitimate.

Paying the Ransom

If you can help it, try not to pay the ransom. You may not even get your data back. In addition, remember that the attacker can use the cash to fund the creation of the next virus…

If you happen not to have a backup, you may opt for paying, since the criminals behind Cryptolocker make it easy for victims to pay the ransom, but remember, there is no guarantee that you will have your money back.

Lessons learned from CryptoLocker ransomware infection

Make sure that your staff, colleagues, family, and friends are aware of the virus and practice cyber safety. Regular Backup, anti-virus scanning, self-education, and other proactive measures, are the most effective strategies for fighting CryptoLocker.

When running a business your network security should go beyond data backup

Cybersecurity is important to everyone. Every business and organization must protect its employee and client data.  When your business computer network is secure, and your critical data is properly protected, the total costs of your IT-related problems and resulting downtime will be reduced. It will not just give you a much better, more reliable, and efficient computer network environment and smoother business operations. It will also add to your business bottom line.

Benefits of Computer Network Security Services for SMBs

Our technicians and engineers are professional experts in computer network security for business We can help you define your specific needs, identify potential network weaknesses and vulnerabilities, and provide your organization with a professional and efficient security solution.  We do not cut corners.

Do not underestimate the measures needed to keep the malicious users – both external and internal – out of your business computer network. We help you keep your data secure, and your business network well-maintained. Let’s have a talk about your specific business IT needs!

How is your state of IT? Call Us: (855) 551-7760 with any questions.