Not again! What is this Crypto-Locker doing and what is Ransomware?
Here we go again. Crypto Locker. I know of 3 more organizations this week who have been hit with it. What is Crypto Locker? It is a virus that encrypts all of your files, and then a ransom note is left behind. Unless you pay the ransom, you lose all of your files. Is it possible to 100% protect yourself? Maybe not 100%, but you can surely recover without paying ransom. Listed below are some ways to protect yourself.
There are so many things going around that look like the real McCoy. If you even slightly suspect that your great aunt Mickey would never send you something like that, she probably didn’t. Call and ask before opening that attachment of the keg party. Chances are, she was not there and did not take the picture. If you can’t ask her, contact your IT Administrator and ask. The same goes for suspicious pop ups and controls that want to install when you browse the web. No computer should have pop-ups appearing all the time. If your computer is doing this, you have some type of virus or malware. If you are not trained in its removal, consult a professional. Does this pop up describe in detail all the things that you are not protected against? Is it threatening personal data, credit cards? Real Anti-Virus programs don’t do it that way. Does it tell you that unless you pay you will lose all your files? Again, not the language of a legitimate program. Don’t fall for it.
Most Up to date Anti-Virus programs can, in fact, catch Crypto Locker. The problem is, there are many variants being released. This is why it is important to always run up to date Virus Software, and up to date Virus definitions. As a new variant is discovered, an up to date definition is released. If you update daily, then you will have the protection that you need. Updates can be scheduled and automatic. What if you are up to date, but are the lucky one who discovers a new variant before the Anti-Virus software company does? With up to date software, comes support. They will still assist in removal, and, they get to document the case you just found in order to create new definitions. It takes a community.
Windows Updates and Program Updates
Windows updates are critical to the safety of your computer. As hackers find vulnerabilities in program code, they are exposed. Windows Updates closes them right back down, just like updating your virus definitions. This is the same for any program you run on the computer. Always keep the programs up to date.
Application Safety Controls
Ever notice that Outlook does not display pictures or links unless you give it permission to? Word and Excel open, blocking all editing or macros until you give it permission? That is because hackers hide code in Macros, or in downloaded content to an email message. This allows another layer of security so that you have the control on what you trust and what you don’t. You can turn off these features, and it would seem more convenient than just enabling content as you need. Keep in mind, it is more convenient to respond to those prompts then it is to rebuild your data once you have allowed the malicious code through.
Do you really think that flash drive is your best defense? I guess it is better than no defense, but there has to be more. Offsite Encrypted backups allow you to keep your data safe and off the computer. If you get a virus infected file, and the file is backed up, with the right backup program it is not a problem. If the offsite backups are encrypted, and isolated, that means todays backup might contain infected files, but yesterday’s files are still safe and can be recovered.
If a virus hits the entire operating system, you need to be able to roll right back to where you were before this bad-dream-of-a-virus happened. However, code like Crypto Locker knows how to crawl through your network and reach out to all hard drives and mapped drives the computer can see. You need a backup program that knows how to ‘hide’ the backup drive to all but the backup program. Many of the expensive ones do this, but so does the Windows Backup Program. And its free.
What about our Clients?
Can I safely say that Sandra Network clients have never caught this virus? We certainly can’t. We can’t protect users from opening up that email from “Aunt Mickey”, no matter how hard we try.. Can I say that Sandra Network clients have NEVER had to pay ransomware prices? Yes, I can. Can I say that Sandra Network clients have never lost all their data or had full loss of business over it? Yes I can. We update, implement, train the employees, and are always watching out for our clients. All safety controls in place, all the time. That is what we do.