There’s a threat lurking in the darkest corners of the web, waiting to strike — and it doesn’t discriminate. Individuals, businesses and even police departments have all found themselves victims of CryptoLocker, a particularly harmful form of malicious software (malware).
CryptoLocker falls into a category of malware known as ransomware, which is essentially a sophisticated extortion scheme. Unlike traditional viruses, whose purpose is to infect other computers, ransomware takes a user’s files “hostage” by encrypting them and then demanding a ransom for the decryption key.
Ransom payments are generally delivered via Bitcoin — a type of digital currency independent from any central bank. This independence makes bitcoins particularly difficult to trace and gives cybercriminals anonymity.
The ransom amount can range from $100 to hundreds of thousands of dollars. For hackers, this can be an extremely lucrative deal. In fact, a New York Times article reported that experts estimated CryptoLocker hackers pulled in over $30 million in a 100-day period in 2013.
While there are several ways malware can infect your computer, the most commonly known is through a suspicious email attachment that the user opens. Ransomware can also be installed in a “drive-by download,” which happens when a user visits an infected site or clicks on a popup that redirects them to a harmful site.
If you’ve received the dreaded error message proclaiming your files are being held hostage until you pay up, your options are limited. You could pay the ransom, but there is no guarantee the hackers will make good on the promise to deliver the decryption key. Once infected, restoring your computer from a backup is your best option.
Fortunately, there are several preventative steps you can take to ensure you never have to face the tough decision of negotiating with hackers or losing your family vacation photos forever.
• Update your software frequently. Keeping software up-to-date is one of the simplest ways to decrease the likelihood of a cyber-attack. Not only should you be running the latest version of your operating system, but you should also keep programs such as Java, Acrobat, Flash and your web browser updated.
• Invest in antivirus software. With a wide array of choices (including some free options), there’s no excuse to not have antivirus software. While it may mean you have one more thing to keep updated, it’ll be well worth it in the end.
• Back your files up. Don’t overlook the importance of keeping a complete backup of your files both locally and off-site. In the event that you do get hacked, you’ll be able to restore from the backed-up files, which means minimal data loss and less of a headache.
Businesses can also implement preventative measures to ensure a single employee doesn’t accidentally compromise an entire system.
• Enact a software restriction policy. This is the best way for businesses to protect themselves from cyber-attacks. Software restriction policies allow administrators to identify and control programs running on a system. Administrators can block or restrict the access of unapproved or unsupported software.
• Leverage centralized, policy-driven patch management. Establish a policy for acquiring, testing and deploying changes to the computer system. Patch management provides an organized way for a business to determine weaknesses in its system and then apply updates (called patches) to eliminate these vulnerabilities.
• Utilize web content filtering. Minimize risk by blocking access to potentially dangerous sites through a content filtering system. The software would scan for sites likely to pose a threat and block access to them.
• Don’t give employees administrator privileges. When creating employee accounts, be sure to designate user privileges instead of administrator privileges. Assigning user privileges limits the changes the account can make, which prevents employees from installing potentially malicious software.
Even with these defensive steps in place, end-user behavior is the key to prevention. Practice safe browsing and email habits, such as avoiding peer-to-peer file sharing and not opening unsolicited emails or attachments.
This post also appeared in The Tennessean, where Concept Technology has a bi-weekly feature in the Business section.