We’ve all heard of computer viruses, and for some reason many of us think of them as nothing more than a nuisance. I commonly hear complaints about computers being slow “because of a virus”, but not much urgency to understand what the virus is doing or why it’s there.
We use the term Malware to describe the various forms of malicious software that can infect or attack our computers. In this article I’m going to talk about a specific type of Malware that we know as Ransomware.
Ransomware is so called because it holds something that you value to ransom. A recent and very nasty virus called Crypto Locker falls into this category. Let’s understand why this virus is so important to avoid and what we should do to protect ourselves (and our business) from a potentially crippling infection.
Crypto Locker infects a system much like other viruses do, through a malicious attachment in an email or by visiting a web site that takes advantage of weaknesses in our web browsers or related software (Java being notorious for this!). Once a system is infected, Crypto Locker communicates with a server controlled by its author. There are thousands of potential servers involved, and the virus tries a new one every day, so it’s almost impossible to shut them down. The server and the infected computer agree on an encryption key, which is used to systematically encrypt documents on the computer, making them unreadable to the user. Once encryption is complete, the key is deleted from the computer, making decryption impossible.
The user will receive a notice on the screen demanding a payment of $300 in exchange for the decryption key. The payment must be made quickly, or else the key will not be provided. In essence, if your computer becomes infected with Crypto Locker, there is no way to get your files back unless you pay the ransom. We should note that the virus will encrypt any files it can get its hands on, so if you have a USB drive connected, or a network drive mapped on your system, it will encrypt those files, too!
It’s a nasty piece of work, but one that is using security technology (encryption) to net the bad guys lots of money. Hundreds of people are paying to get their files back, every day.
We can protect ourselves by having a good backup strategy that includes keeping multiple versions of the files we back up. That way, we can always roll back to a version of the file from before it was encrypted. As you’d expect, we must also keep our Anti-Virus software current to ensure it has the best chance of finding and stopping the virus before it does its thing.
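The versioned backup described above, sketched as an added example (not code from this article): each changed file is stored as a new version and old versions are never overwritten, so a backup taken after encryption cannot replace the last good copy. The function names, the store layout and the sample file contents are assumptions constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path

def backup(src, store, now):
    """Add a new version of src to store if its content changed; never overwrite old ones."""
    digest = hashlib.sha256(src.read_bytes()).hexdigest()
    vdir = store / src.name
    vdir.mkdir(parents=True, exist_ok=True)
    versions = sorted(vdir.iterdir())
    if versions and versions[-1].name.endswith(digest):
        return None                       # unchanged since the last run
    dest = vdir / f"{int(now):012d}_{digest}"   # zero-padded time keeps names sortable
    shutil.copy2(src, dest)
    return dest

def restore_before(name, store, cutoff, dest):
    """Copy the newest version taken strictly before cutoff (epoch seconds) to dest."""
    good = [v for v in sorted((store / name).iterdir())
            if int(v.name.split("_")[0]) < cutoff]
    if not good:
        raise LookupError(f"no version of {name} older than {cutoff}")
    shutil.copy2(good[-1], dest)
    return good[-1]

def demo():
    """Constructed scenario: two edits, then the file is replaced by unreadable bytes."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        doc, store = tmp / "report.txt", tmp / "store"
        doc.write_bytes(b"quarterly report, revision 1")
        backup(doc, store, 1000)
        backup(doc, store, 1500)          # no change, so no new version
        doc.write_bytes(b"quarterly report, revision 2")
        backup(doc, store, 2000)
        doc.write_bytes(os.urandom(64))   # stand-in for the file having been encrypted
        backup(doc, store, 3000)          # the bad copy becomes just another version
        restore_before("report.txt", store, 3000, doc)
        return doc.read_bytes(), len(list((store / "report.txt").iterdir()))

if __name__ == "__main__":
    print(demo())
```

Since connected USB drives and mapped network drives are encrypted along with local files, the version store in a real setup should not be reachable from the workstation as a drive.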