CryptoLocker Update


Since we last wrote about the CryptoLocker ransomware, we have heard from a number of people who have been hit by this virus, and several have approached us with questions about how it works, who’s at risk and how it can be avoided. Below is a quick rundown of what we’ve learned and answers to some of the common questions we’ve heard.

Which versions of Windows are at risk?

At this time, infections have been reported from users on Windows XP through Windows 8. Infections on Windows 8.1 are likely to occur, though we have not heard of any reports yet.

Does CryptoLocker affect Macs and Linux?

We have not found any instances of CryptoLocker affecting Macs or Linux.

Should I pay the ransom to get my files back?

The official answer here is no; CryptoLocker attackers are using extortion, which means you’re doing business with criminals by paying up. That said, a solution has not been found to recover encrypted files – aside from relying on backups – so it really depends on how critical those encrypted files are to you.

I’m worried that I’m going to get infected by CryptoLocker; what can I do to avoid it?

The only way to avoid CryptoLocker is through smart, cautious PC use. Don’t click any links or open any attachments that you’re not sure can be trusted. To minimize the damage that CryptoLocker can do, there are several preventive measures you can take:

  • Back up your data regularly – every day, if possible. Our last blog post details some options for backing up data online, but keep in mind that cloud backup solutions without versioning will not protect your files as CryptoLocker will commit encrypted files to the cloud; check with your tech support if you’re not sure if your online backup service has versioning. Regular offline backups protect your data, but don’t leave the backup storage connected via USB/mapped drive or the virus could encrypt it also.
  • Keep your anti-virus, other software and operating system current with all available updates and patches.
  • If you’re connected to any shared networks, review your file and folder permissions; only grant write access to files you need to edit, and only grant read access to users who need to see those files. Also, avoid giving administrative privileges to user accounts, as malware running as admin can do more damage than if it’s running as a regular user.
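
To help with the permissions review in the last item, here is a PowerShell sketch that lists which accounts can modify files under a shared folder. It is an added example, not part of the original post; the path `D:\Shares\Example`, the depth of 2 and the list of "broad" group names are assumptions to adjust for your environment.

```powershell
# Added example: report who can change or delete files under a shared folder.
# Assumptions: $SharePath is a placeholder path; -Depth needs PowerShell 5 or later.
param(
    [string]$SharePath = 'D:\Shares\Example',   # hypothetical folder behind the share
    [int]$Depth = 2                             # how many folder levels to inspect
)

# NTFS rights that let a process running as that identity overwrite, delete
# or re-permission files. Read-only rights are deliberately left out.
$writeBits = [int][System.Security.AccessControl.FileSystemRights]`
    'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'

# Some ACEs store generic rights instead of specific ones.
$genericBits = 0x40000000 -bor 0x10000000       # GENERIC_WRITE, GENERIC_ALL

# Group names that usually mean "almost everybody" (English names; assumption).
$broad = 'Everyone|Authenticated Users|BUILTIN\\Users|Domain Users'

$folders = @(Get-Item -LiteralPath $SharePath) +
           @(Get-ChildItem -LiteralPath $SharePath -Directory -Recurse -Depth $Depth -ErrorAction SilentlyContinue)

$report = foreach ($folder in $folders) {
    $acl = Get-Acl -LiteralPath $folder.FullName
    foreach ($ace in $acl.Access) {
        # Deny entries and read-only entries do not grant write access.
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if (([int]$ace.FileSystemRights -band ($writeBits -bor $genericBits)) -eq 0) { continue }

        [pscustomobject]@{
            Folder     = $folder.FullName
            Identity   = $ace.IdentityReference.Value
            Rights     = $ace.FileSystemRights
            Inherited  = $ace.IsInherited
            BroadGroup = ($ace.IdentityReference.Value -match $broad)
        }
    }
}

# Broad groups with write access sort to the top: review those first.
$report | Sort-Object @{Expression = 'BroadGroup'; Descending = $true}, Identity, Folder |
    Format-Table -AutoSize -Wrap
```

This checks NTFS permissions only; the permissions set on the share itself also apply, and a user gets the more restrictive of the two.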

As we learn more about CryptoLocker, we’ll post any information we think might be helpful to our readers. If you have questions or information that might be helpful, we invite you to share in the comments section.

Charlie Nadler
Switchfast Technologies
Managed IT Services