Over the last few months we have noticed a significant increase in the number of attempted and even successful infections by ransomware viruses, such as CryptoLocker. This is a virus that encrypts your data (makes it inaccessible) and then asks for a payment to unlock it. Once your files are locked, you can’t unlock them and they need to be restored, or the ransom paid (which is not an ideal approach!).
The scary thing is that we have seen recent incidents where anti-virus software has failed to detect the presence of the virus and infection has occurred.
Once infected, your files are gone. This starts with the local computer but will quickly target network drives. The only resolution is to restore the affected files from backup, and the best response is to rebuild the affected computer.
This virus spreads through social engineering, generally via an email that looks legitimate and has a link to a download that looks like a file you would typically see. Once that link is clicked, the virus starts its work.
So what can be done to improve protection from these types of viruses? Below are 6 areas to start investing in to protect your systems.
- Invest in anti-virus tools and systems at multiple locations on the network: the gateway, your servers and your workstations. Look to leverage different vendors and solutions to provide a broader protection platform.
- Don’t open attachments from unknown sources or from emails that appear to be from a legitimate source but are suspicious. If you are not expecting the email or have any questions over it, don’t open the message. A close look at the sender address can provide some insight.
- Back up your data at the very least daily, and make sure there are multiple copies of your data, 3 at a minimum: 1 original (your servers), 1 on a local backup on separate disks and 1 copy off-site.
- Ensure staff are educated in good computing practices and how to spot threats. Use constant education and communication to remind staff to be vigilant. Minimise use of, or carefully manage access to, personal email accounts within the business operations.
- Block .exe files over email, including within ZIP files. This can usually be done using an anti-spam system.
- Ensure that updates are regularly applied to all workstations and servers within the network.
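
The ".exe over email, including within ZIP files" check from the list above, as an added Python example (not code from the original post or from any anti-spam product): it scans a raw message, flags attachments with a blocked extension, and opens ZIP attachments, including nested ones, to check member names. The sample message, addresses, size cap and function names are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = (".exe",)  # the page names .exe; add more per local policy
MAX_NESTED = 10_000_000  # assumed size cap for nested ZIPs we unpack in memory

def blocked_in_zip(data, depth=0):
    """List blocked member names in a ZIP, looking inside nested ZIPs too."""
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                name = info.filename.lower()
                if name.endswith(BLOCKED_EXT):
                    hits.append(info.filename)
                elif name.endswith(".zip") and depth < 2 and info.file_size < MAX_NESTED:
                    hits += blocked_in_zip(zf.read(info), depth + 1)
    except (zipfile.BadZipFile, RuntimeError):
        # Corrupt or password-protected archive: cannot inspect, so flag it.
        hits.append("<uninspectable archive>")
    return hits

def scan_message(raw):
    """Return (attachment name, reason) pairs for parts that should be blocked."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or "<unnamed>"
        payload = part.get_payload(decode=True) or b""
        if name.lower().endswith(BLOCKED_EXT):
            findings.append((name, "blocked extension"))
        elif zipfile.is_zipfile(io.BytesIO(payload)):  # by content, not by name
            findings += [(name, "contains " + n) for n in blocked_in_zip(payload)]
    return findings

def build_sample(inner_name):
    """Constructed sample message with one ZIP attachment holding inner_name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(inner_name, b"placeholder bytes, not a real program")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "Invoice"
    msg.set_content("Please see attached.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    return msg.as_bytes()

print(scan_message(build_sample("invoice.pdf.exe")))
```

Archives that cannot be inspected (corrupt or password-protected) are flagged rather than passed, since the filter cannot see what they contain.
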
Security of your network needs to be an important part of your overall IT investment and strategy. It is attacks like this that have the potential to cripple your business.