Ransomware_Malware_CryptoLocker

Last Updated: 23rd July, 2019

Wondering how to prevent yourself from Ransomware or Malware? Then, let’s first try to understand the meaning of Ransomware as well as CryptoLocker.

What is Ransomware?

Ransomware is a malware that locks your computer and mobile devices or encrypts your electronic files. When this happens, you can’t get to the data unless you pay a ransom. However this is not guaranteed and you should never pay!

What is CryptoLocker?

CryptoLocker is a family of ransomware whose business model (you must be surprised, but a malware is also a business to some!) is based on extorting money from users. This continues the trend started by another infamous piece of malware which also extorts its victims, the so-called ‘Police Virus’, which asks users to pay a ‘fine’ to unlock their computers. However, unlike the Police Virus, CryptoLocker hijacks users’ documents and asks them to pay a ransom (with a time limit to send the payment).

Malware installation

CryptoLocker uses social engineering techniques to trick the user into running it. More specifically, the victim receives an email with a password-protected ZIP file purporting to be from a logistics company.

Important Key Points to note about Ransomeware:

  • Most of the times, you are not able to get your data back even after paying a ransom.
  • Sometimes, your data isn’t even encrypted – it’s just hidden. In this case, you can get your data back without paying a ransom.
  • Keeping a regular, separate backup of your files takes all the power away from ransomware.
  • Unless your data is extremely valuable, do NOT pay a ransom.
Ransomware_CryptoLocker

How to prevent Ransomware:

Bad News: Unfortunately, in many cases, once the ransomware has been released into your device there is little you can do unless you have a backup or security software in place.

Good News: Prevention is possible. Following simple cyber security advice can help you to avoid becoming a victim of ransomware.

If you follow these simple steps, you should be safe from ransomware and most other cyber threats likely to come your way.

1. Keep your system up to date

If you are running Windows XP or Vista, you should immediately update your system to Windows 10 or buy a new computer. As we warned back in 2014, Microsoft is no longer supporting these ancient versions of Windows and continuing to use them makes you a prime target for cyber-attacks. And even an entry model $500 computer that will be far more powerful than your current XP one.

For those using Windows 7 and newer, make sure that you have Automatic Updates enabled so new security patches are installed as soon as they are available. These versions of Windows had already been patched by Microsoft to specifically prevent these types of ransomware attacks.

2. Use a reliable antimalware program

While antimalware programs can’t defend against every attack, they can prevent the vast majority of commonly-found malware from infecting your computer. And when new malware is discovered, antimalware providers quickly distribute updates to block it. We recommended the following:

(1) Kaspersky Internet Security,

(2) Bitdefender Total Security and 

(3) Symantec Norton Security Premium.

And antimalware isn’t just for Windows users. Ransomware has been discovered for Macs, too.

3. Back up your data – no, really back up your data

It’s important to back up your data for a number of reasons; and the threat of ransomware is definitely one of them. But it’s not enough just to back up to an external hard drive, or even to the cloud. Many ransomware programs are specifically designed to search out backup devices, even across your network and cloud storage, encrypting everything in its path. To protect yourself, you either have to make regular backups to an external hard drive, which you then detach from your system after the backup (a pain to manage), or use a cloud service that provides automatic versioning so that if the most recent versions are encrypted, you can still recover from earlier versions. We’ve always been fans of Dropbox, which offers a 1TB storage plan for around $100 per year.

4. Keep your browser and plug-ins up to date

Some malware, including ransomware, can be delivered via “drive-by” infections. Taking advantage of vulnerabilities in common browser plugins, like Flash or Java, simply visiting a compromised site, or even viewing a malicious ad on an otherwise safe site, is all it takes for the malware to take hold. So in addition to keeping your operating system up to date, it’s just as important to keep your browser and its associated plug-ins up to date.

5. Avoid ransomware in the first place

Some ransomware, like WannaCry ransomware that just hit Boeing, is spread by email through an encrypted zip file attachment. You click on the attachment and unzip the file and all your precious files are now toast. This common social engineering trick has been around for years and, despite repeated warnings not to click on unknown email attachments, it’s still as effective as ever, as evidenced by the immense global success of WannaCry back in 2017.

DON’T BE THAT PERSON. Don’t click on or open files in email unless you know exactly what they are. Since sender names can be spoofed, simply seeing that the sender is a friend, relative or colleague is not enough. If in doubt, contact them directly to confirm that they sent you the file before you start clicking. And that goes for links, too, that may send you to infected websites (see #4 above).

Leave a Reply