To appreciate the importance of regular backups, it often takes having personal experience of losing data and being unable to retrieve it. For a business, losing company data can be crippling and cost thousands of dollars in lost revenue.
As more and more business is performed online, we have noticed an increase in threats attempting to infect business computers. Most commonly virus’ come in through staff e-mails in which the threat is disguised as a harmless attachment such as a PDF or similar. One common threat that is causing havok at the moment is CryptoLocker.
CryptoLocker is a ransomware trojan which targets computers running Microsoft Windows and first surfaced in September 2013. A CryptoLocker attack may come from various sources; one such is disguised as a legitimate email attachment. When activated, the malware encryptscertain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware’s control servers. The malware then displays a message which offers to decrypt the data if a payment (through either Bitcoin or a pre-paid voucher) is made by a stated deadline, and threatens to delete the private key if the deadline passes. If the deadline is not met, the malware offers to decrypt data via an online service provided by the malware’s operators, for a significantly higher price in Bitcoin.
Although CryptoLocker itself is readily removed, files remain encrypted in a way which researchers have considered infeasible to break. Many say that the ransom should not be paid, but do not offer any way to recover files; others say that paying the ransom is the only way to recover files that had not been backed up. Payment often, but not always, has been followed by files being decrypted.
Core IT has helped a number of businesses who have been unfortunate enough to be infected by CryptoLocker. In cases where regular backups were being performed, we have been able to help businesses remove the virus and minimise the downtime it would cause.
Our question to you is, how often is your business performing backups, have you tested them, and would you be confident that your data is retrievable if your systems were infected by CryptoLocker?
Core IT can assist your business implement security measures to ensure that this virus and similar virus’ do not impact your business.