In one of our posts on internet security, we covered the increasing threat of a new type of ransomware called Cryptolocker. The malware, when installed on a user’s computer, encrypts their files and then demands payment to decrypt them. The user is presented with a timer that counts down and an ominous message explaining that if payment isn’t received before the timer reaches zero, all of the files will be destroyed with no chance of them ever being recovered.
(Image via The Telegraph)
Last Friday, the National Crime Agency released a warning about Cryptolocker and the threat that the malware poses to internet users. They believe that emails containing the ransomware as an attachment could reach tens of millions of people in the UK. They also say that it appears to be small and medium businesses that are being targeted. In their statement, they explain what to be aware of when opening suspicious emails:
The emails carry an attachment that appears to be correspondence linked to the email message (for example, a voicemail, fax, details of a suspicious transaction or invoices for payment). This file is in fact a malware that can install Cryptolocker – which is a piece of ransomware.
The amount that users must pay to regain control of their files varies, but the NCA claims that the demand is 2 Bitcoins. At the time of writing, 2 Bitcoins is the equivalent of £801. However over the last few days, the value of Bitcoins had risen to as much as £487 for 1. Needless to say, that’s a lot of cash! But if the files are important it could be a small price to pay to get them back – one of the reasons that businesses are being targeted.
Of course, paying the ransom is never advisable and only serves to perpetuate this criminal activity. This is especially risky, as there is no guarantee that the decryption key would even be given to you once you have paid up. The NCA recommends that you should get in touch with internet crime agency Action Fraud if you become infected by Cryptolocker. It’s worth noting that it isn’t just the UK that is being targeted by Cryptolocker, as a Police department in the US fell victim to the virus and reportedly paid the $750 ransom.
Prevention is Better than the Cure
There are steps you can take to prevent this from happening to your personal computer or your company network. First and foremost, being aware of the dangers will go a long way to prevent accidentally installing malware. Then the obvious step is to ensure you have anti-virus software installed and kept up to date. You should back up your files regularly too, ideally using some kind of versioning. If your files become encrypted, you can restore your machine to an earlier version and keep the damage to a minimum.
Up to date anti-virus packages offer the best chance of catching malware before you lose files, and there are a number of excellent pieces of software on the market. McAfee, ESET and Symantec have already produced guides for the best anti-Cryptolocker practices. If you are looking for further information, follow the links to see their summaries.
BirchenallHowden can also provide help and advice on backing up your company’s important files and documents. If you would like to talk to us about the best course of action, you can get in touch with us here.
Mass Ransomware Spamming Event Targeting UK Computer Users | National Crime Agency Tens of Millions Targeted by Email Ransom Virus | The Telegraph Police Department in the US Falls Victim to CryptoLocker Ransomware | Softpedia