Viruses, Spyware, Trojan Horses, Malware: malicious software has been around since Richard Skrenta put the Elk Cloner virus on a floppy disk in 1982.
An increasingly prevalent wave of malware is affecting personal and business users in Australia: Ransomware. Ransomware such as Cryptolocker restricts the user’s access to the computer it infects (usually Windows in the case of Cryptolocker) by encrypting their files. A ransom needs to be paid in order for the user to access their files, generally $100 - $300. Scroll to the bottom of this post to see a video of how Cryptolocker works.
Other types of Ransomware are less sophisticated and simply lock the operating system whilst displaying a ransom message.
Australia is a huge target for Cryptolocker in particular. We are the fifth most affected country after the UK, US, Canada and India.
It should be noted that Cryptolocker also affects network files, USB drives and cloud storage applications like Dropbox or Skydrive. Nothing is safe!
Paying the ransom is one way of (probably) retrieving your precious files. The other way is to remove the ransomware using a decent threat management software program and then reload your files from your latest backup. If you’re a personal user then a daily backup might be enough to protect your files, and save you $300.
However, if you’re a business user, then even an hour of lost work/records might be too much.
This is when you need to consider a risk management strategy such as ShadowProtect that has the capacity to do continuous block-level backups every 15 minutes. Veeam and Acronis are also great options for this type of backup. These types of backup products ensure quicker disaster recovery than other traditional backup methods such as tape or external drives.
What to do (and what not to do):
1) Update your threat management software immediately.
2) Back up any local files that have not been backed up previously.
3) Check whether you or your organisation is using an application such as ShadowProtect which backs up your ENTIRE server and block level changes as often as every 15 minutes. This could save you $300 and even your entire business.
4) DO NOT open any emails from unexpected sources or open ANY zip attachments, unless previously arranged with a trusted source.
Video courtesy of Sophos.