Exploring Information Security


Dealing with the ransomware known as CryptoLocker

Ransomware is some pretty nasty stuff and it’s only getting nastier. This particular piece of malware encrypts a person’s drive and then locks it from the user. To unlock it the person must pay, usually in bitcoin, to get access to the freshly encrypted data. Brian Krebs recently called 2014 ‘The Year Extortion Went Mainstream’ and one of the reasons he said that was because of online criminal activities like ransomware. One of the most well-known pieces of ransomware is called CryptoLocker.

There are a couple of ways that ransomware can be combatted:

Take good backups

The backups should be offline. If they’re online, then attackers could potentially get access to that device and take it over. Recently, it was found that some Synology devices with older firmware versions could be infected with ransomware. Which leads to the next point.

Keep your system up-to-date

This is nothing new and something that has been suggested thousands of times. Still, systems are being left unpatched. I know it’s not easy, especially when there are a lot of other things to do, but one of the easiest ways to keep your system up-to-date is to use a program like Secunia. It does most of the work for you and is fairly user friendly.

Trust your intuition online

Listen to that voice in your head telling you clicking on this link or that link is a bad idea. It’s usually right. If it feels wrong or it’s too good to be true, it probably is. I’ll leave it at that, because that is something else that gets mentioned a lot in ‘online safety.’

If all else fails, there's an app for that

Recently, Fox IT and FireEye teamed up to offer a free Decrypt service that will get people infected with ransomware their stuff back. I haven’t tried the service, nor do I know how well it works, but both FireEye and Fox IT are legitimate security companies.

At this point in time, there is no other way to get data back from a ransomware infection. You either need to avoid ransomware altogether, reinstall your operating system and have good backups, or use the FireEye/Fox IT service. If you try the service I would love to hear your experiences with it.

This post first appeared on Exploring Information Security.