HOW DOES CRYPTOLOCKER WORK?

Cryptolocker is a new sophisticated malware that first began appearing around 2013. It is designed to scan hard drives for files with extensions from a hard-coded range, file extensions including: .pst to .doc to .xls to .png and .jpg and many more formats. As soon as the scan is complete, the malware encrypts the detected files with AES algorithm and then encodes the AES key with an RSA cryptosystem.

1. Malware Delivery
Cryptolocker malware is mostly being delivered via email attachment

2. File Encryption
Once downloaded, the malware scans all files and encrypts them

3. Ransom Alert
When the encryption is complete, you will be prompted a deadline alert to pay a fee

4. Payment
To decrypt and regain access to your files, you’re required to pay in Cryptocurrency

The encryption technology used by Cryptolocker is almost impossible to break even with brute force attacks unless paying the ransom. But you have to keep in mind that paying the ransom doesn’t guarantee the criminal will indeed send a decryption key.

 

When the time runs out, the Cryptolocker deletes itself from your system, but your business is left with encrypted documents forever, and there’s nothing you can do to retrieve them.

After over a decade, Cryptolocker malware has grown its demographic. In the early days, it only attacked personal computers or individuals but now it silently began targeting the business sector. There is an estimated 100 million dollars of financial damage that organizations paid, not only for the ransom but also penalties for breaching the Data Protection Act.

PREVENTION IS BETTER THAN CURE

For many years, Advantage Industries has been helping organizations up their defensive strategy against cybercriminals. We help equip companies with the right knowledge, the right infrastructure, and the right continuity plan to mitigate these virtual attacks. With the proper offense in place hackers stay away and don’t invest time in an attack they know won’t be successful.

Backup Data
It’s important to keep a second copy of your data ready when needed. Back up all files on external drives or cloud.

Reliable Apps
Only install apps from trusted software companies. Paying the license is way cheaper than paying the Cryptolocker ransom.

Keep System Up-to-Date
In general, cyber hackers look for known weaknesses and loopholes in a system. Thus, keeping system software up to date ensures better security against existing and emerging cyber threats.

Avoid Suspicious Links/ Attachments
Phishing is the most effective lure in the Internet world. Use a reliable anti-malware software to block or scan unknown links & attachments before opening or sending to others.

If your company or any of your workstations may be victim to a cryptolocker attack, contact us for immediate assistance. We have dealt with these scenarios in the past and we can help your business successfully navigate this disaster as well as prevent future attacks. 

Contact our team at Advantage Industries today.