Protect & Prevent Attacks Before They Happen
What is CryptoLocker & How Does it Work?
You may have heard in recent weeks there has been a rise in cyber-attacks affecting companies all over the world. This virus is known as CryptoLocker and can be incredibly damaging to your business. CryptoLocker is a virus created by hackers that can infect PCs running on Microsoft Windows. A hacker’s main purpose is to hijack computers, encrypt all of the files on the computer and network making them unreadable. The hacker sends a message which states data is encrypted and requests a payment to regain access. If payment is not given, they will not release the key to decrypt the files and they are useless. Extech strongly advise not to provide hackers with money and to contact us straight away. Times is of the essence when you have identified that files have been encrypted. The faster you inform us, the quicker we can limit the damage to your data. It is important to supply as much information as possible if a user has opened an infected email. The quicker we understand the source of the infection, the less damage will be done.
Most Common Way a Hacker Uses CryptoLocker
Email attachments are one of the most common ways a hacker can infect your computer and the network. Once opened, it infects the machine and spreads across the network. If you are unsure of an attachment you have received, it’s important to check before opening it. There are a few ways to tell if it is from a potential hacker:
– the email is from an unknown email address
– spoofing their email address so it looks like it has been sent from someone you know or a colleague e.g. email@example.com
What Does Extech Do for You?
At Extech we implement safeguards for you to give a basic layer of protection. These include: using a strong antivirus or endpoint protection system (ESET, Trend & Sophos) and backup solutions to quickly restore your files in the event of an infection. Although these protection mechanisms give a good deal of protection, they are not infallible, and users are advised to be extremely vigilant. As systems become more secure, viruses and exploits increasingly rely on social engineering and ‘tricking’ users into infecting their systems. There are however additional products (such as OpenDNS) which can prevent the initial communication to the CryptoLocker servers. Speak to you Sales representative if you require additional protection.
What can you do to protect against CryptoLocker?
Never open emails or attachments from unknown sources (usually called invoice.pdf, accounts.xls). If the email requests transfer of funds, double check directly with the sender.
Disable hidden file extensions in Windows so that you can recognise untrustworthy sources. If the attachment doesn’t have the normal icon for the application, check with Extech.
Ensure that you have a secure password policy. Make sure you change your password at least every 90 days or you have a system policy to enforce. Passwords with known words are easy to guess. Passwords such as ‘Password123’ are instantly crackable and practically useless.
Ensure that your back up system is up to date and ensure that you have the best up to date anti-virus.
Be vigilant, if you have any suspicions that your company is infected contact us immediately on 01444 443200.