How CryptoLocker Still Haunts an LA Wholesale Company

Craig Pollack | Feb 12, 2015

If you have never heard of CryptoLocker, you might consider yourself lucky. Your IT installation may not have been affected by this vicious software virus. Unlike other LA wholesale companies perhaps, you may not have been forced to pay a ransom to recover your files.

On the other hand, escaping unscathed is not the same as being protected against similar attacks. This ransomware and other forms of extortion are on the rampage and ready to pounce on the unwary.

The CryptoLocker Menace

Simply put, ransomware is a virus – but a virus with seriously malicious intent.  We were recently contacted by a prospective client needing help – and immediately!  The method of attack used by the virus was as follows: The virus entered a computer running Microsoft Windows by masquerading as an innocuous email attachment.

Once the link in the email was clicked, the virus encrypted files on both local and network storage, including every shared drive the user had access to, making the data in those files inaccessible to their rightful owner.

The owner was threatened with permanent loss of the data unless a ransom was paid to the hackers responsible for the encryption operation. And the clock was ticking. They had 3 days from the point of infection until the unlock code was permanently deleted, which meant no chance of unlocking anything.

Cyber Extortion – What Are Your Options?

Opinions among experts were divided in the beginning. Given the strength of the encryption used by the hackers, some consultants, albeit unwillingly, said that paying the ransom was the only way to get the files back. Others said that the ransom should not be paid, but did not suggest any other constructive solution.

Over the past few years, victims who decided to pay the ransom have together paid out an estimated $3 million to the hackers. Those who tried to wait it out while a solution was found risked the permanent loss of their files. Many a hard drive ended up with files that could no longer be brought back from the dead.

Prevention is Better than Cure

Users who had the foresight to make suitable backups of their data and keep them out of harm’s way could restore earlier versions of files and start again. Companies with better data security procedures (i.e., Unified Threat Management) were able to avoid the risk in the first place or recover important files by themselves.

Key protective measures to start with in such situations are:

  • Frequent, protected backups of critical data, with regular testing to ensure correct recovery.
  • Fully up-to-date network security procedures and tools, including the latest versions of reputable anti-virus software.
  • The right level of information security awareness among all employees in order to avoid downloads or activation of any unauthorized or suspicious email attachments or other files.

Recently, INTERPOL and other law enforcement agencies and security organizations were finally able to seize the assets of the ransomware culprits, allowing victims to decrypt their files without paying further ransoms. But by that time, considerable data loss and extortion had been inflicted. There is also no guarantee of solutions being found for similar viral infections in the future.

What Else is Lying in Wait?

CryptoLocker has already inspired further malware such as Cryptowall and TorrentLocker. Cyber extortion has also been used against companies with VoIP (Voice over IP) networks. Attackers block all communications and only stop when the victim pays money to an anonymous credit card account controlled by the attackers.

Ransomware and malware in general will continue to haunt the Internet. Sound IT security procedures are the only way to eliminate or at least reduce their effects.

 

How do you think an enterprise should react to a CryptoLocker or similar extortion threat? Give us your opinions on the best way for business to combat such menaces in the Comments box below.

And to follow through on the tips introduced in this short article, be sure to download your free guide, How COOs at Los Angeles Distributors and Manufacturers Get More Done: A Guide to Productivity, Data, Staffing, Delegation, and Making It Home for Dinner Most Nights.

Author

Craig Pollack

Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, business owners, and key decision makers leverage technology as efficiently and effectively as possible. With over 25 years of experience building the preeminent IT Service Provider in the Southern California area, Craig is one of the area’s leading authorities on how small to mid-sized businesses can best secure and leverage their technology to achieve their business objectives.
