The Cryptolocker Ransomware virus has been around since late 2013 and, unlike other viruses, it continues to wreak havoc on Windows PCs and networks and now … Macs.
This attack will cause your data to be inaccessible unless you pay a ransom or have a valid and recent backup. Basically, it encrypts the documents found on your computer and displays a message offering to decrypt the data if you pay a fine within a specified time limit; otherwise your data will be destroyed.
ITAcceleration has addressed many such attacks over the years and in cases involving a single PC, the user did not have a valid backup and did not want to pay the ransom, so all their data was gone. Forever. A corporate client of ours has been attacked twice now, affecting terabytes of data on a network share. The backups were valid but the client did lose a day’s worth of data and the server was down for 24 hours while the data was being restored.
In another example, CBS News reported on the infection at Hollywood Presbyterian Hospital, which resulted in the hospital paying a $17,000 ransom. In the segment, Ryan Kalember, senior vice president for cyber security strategy at Proofpoint, pointed out that medical records are more valuable than your credit card information when it comes to Medicare fraud.
How It Works
The Cryptolocker Ransomware virus infects a PC from the web or an email. It is malicious code that encrypts data on whatever the PC has access to – local and shared on the network. In our experience, the infection typically starts when a user opens an attachment from an unknown source.
Because the delivery of the virus can take on many forms, it is difficult for manufacturers of virus protection programs to effectively identify and quarantine the problem.
In the Apple world, the complacency of “Macs never get viruses” has come to an end. As reported by Reuters, the KeRanger ransomware virus was downloaded more than 6000 times before Apple addressed the threat. This is dwarfed by the 8.8 million attacks on Windows PCs, but it has nonetheless exposed Apple to the world of damaging viruses.
Prevention Is the Key
Symantec has published do’s and don’ts related to ransomware that I find pretty comprehensive. User due diligence and safe computing habits are the best safeguard against becoming infected.
Radiolab released a podcast, Darkode, profiling the world of the Internet underground and specifically the Ransomware virus. I invite everyone to listen to this podcast for an interesting and chilling look at what the internet underground is doing: a marketplace to sell and buy access to your PC and implant malicious code to perform a variety of tasks, such as watching your screen, planting illicit files on your PC, or demanding ransom for your files to be recovered.
ITAcceleration is positioned to react to these outbreaks, but the fact is that these potentially crippling threats are indeed preventable with training and safer computing practices. Contact our helpdesk immediately if you suspect a problem with viruses, malware, or any other computing issues. We are here to help.