In its first year, CryptoLocker ransomware claimed approximately 250,000 victims and demanded anywhere from $300 to $2,000 for each attack.  Since then, the ransomware has made millions off of unsuspecting prey.

CryptoLocker is a prolific malware. With the rampant rate of infection, the question is not if, but when an attack will occur. Here’s what you need to know about the ransomware to prepare for attack.

WHAT IS CRYPTOLOCKER?

CryptoLocker is a ransomware targeting Microsoft Windows devices. The malware selectively encrypts data, making it impossible for users to access files. Once encrypted, data is held ransom by the attacker, who holds the encryption key. The victim must pay a ransom within 72 hours to gain files back from CryptoLocker.

HOW DOES CRYPTOLOCKER WORK?

CryptoLocker is commonly delivered through infected email attachments and links from an unknown sender. Once an unsuspecting email recipient clicks on an infected link or attachment, the malware encrypts files and stores the key on its own server. The victim is then presented with a ransom note threatening to destroy the key to the files unless a payment is made.

HOW CAN I STOP CRYPTOLOCKER?

It’s not if, but when a CryptoLocker attack will occur with the ransomware’s profuse rate of infection. The number one action that all companies should take to protect themselves is using a hybrid cloud backup. A must-have backup is one that regularly replicates onsite data and services to an offsite location, verifies backups, delivers instant cloud virtualization, has the ability to view where the virus took hold among files, and perform a restore within minutes.  A hybrid cloud backup allows ransomware victims to go back in time and retrieve files without having to pay ransom if attacked.

In addition to a hybrid cloud backup, companies should use all-encompassing anti-virus protection to fill the gaps in network security caused by different endpoint devices. Simple malware and firewall software don’t pass security requirements and simply aren’t enough for businesses today. Lastly, email recipients should be wary of messages with attachments and links from unknown senders. Before you click on files or links in a suspect email, send it to your IT support to ensure it won’t cause damage to your data.

Don’t lose your files to CryptoLocker – prepare for attack! Read more on how to protect your business with a hybrid cloud backup and total anti-virus.

Find SysGen’s IT support and managed IT services in Calgary, Edmonton, Red Deer, Vernon, and Kelowna. Learn more about SysGen’s cloud offering, cybersecurity services, managed security, and Digital Advisory team by clicking here.

Headshot of Michael Silbernagel

Michael Silbernagel, BSc, CCSP, CISSP

Senior Security Analyst

Michael is a lifelong technology enthusiast with over 20 years of industry experience working in the public and private sectors. As the Senior Security Analyst, Michael leads the cybersecurity consulting and incident response (CSIRT) teams at SysGen; he is the creator of SysGen’s Enhanced Security Services (ESS), our holistic and comprehensive cybersecurity offering that focuses on people, technology, policy, and process.