What is CryptoLocker?
CryptoLocker is a virus that becomes active by encrypting the user's personal files with RSA and AES cryptography. This makes the files unusable, and decryption is impossible without the private key, which is stored only on the malware's control servers.
The malware actively spreads through mapped network drives, encrypting all the files on the servers. This can cause the irreparable loss of important data that might be critical to your business, impeding the use of management system data and blocking all corporate operations.
How does CryptoLocker work?
CryptoLocker gains access to the system through emails with dangerous attachments. To an inexperienced eye these emails might appear ordinary, with an attached PDF document or ZIP archive (invoice.pdf.exe or order584755.zip.exe) that seems to contain invoice or order information, but the attachments are actually dangerous .exe files.
Once you open the attachment, all the files are instantly encrypted.
The virus informs the user of the damage caused by displaying a message that demands payment of a certain amount of money (corresponding to some hundreds of Euros), which might rise over time, up to twenty times higher than the original price.
What should I do if I get the virus?
Currently there is no way to block the virus or to repair the damage by decrypting the files with the freeware or antivirus tools available. Moreover, attempting this only makes the situation worse, because CryptoLocker applies countermeasures by deleting the private key: at that point nothing more can be done.
Solution to overcome the virus!
The damage caused by malware like CryptoLocker is irreparable only if smart safety measures have not been applied. A recovery solution adjusted for such unexpected events can prevent the loss of important and critical data.
The optimal solution is to set up a backup of current data on a reliable medium, allowing fast recovery of important data without any loss that could affect your business availability and performance.
Make sure you have a plan for backing up your files (the optimal variant is storage external to your network).
Rack One offers an advanced solution for Remoted BackUP & Disaster Recovery, reliable and efficient, securing important data for your business stability and stress resistance.
Some interesting specs:
– CDP, or Continuous Data Protection, provides you with the most recent version of the files backed up
– Non-stop data flow encryption: during internet transmission the data is protected, and it is backed up on remote storage with exclusive rights of access and recovery
– Remote recovery via the network, or by delivery of physical storage (with the data encrypted on the hard drive).
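A mail gateway or mailbox scan can flag the double-extension attachment names described above (invoice.pdf.exe, order584755.zip.exe) before a user opens them. The following Python sketch is an added example, not part of the original page or of any Rack One product; the extension lists, function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed lists for this example; extend them to match local policy.
EXECUTABLE = {"exe", "scr", "com", "pif", "bat", "cmd"}
DECOY = {"pdf", "zip", "doc", "docx", "xls", "xlsx", "jpg", "txt"}


def is_double_extension(filename):
    """True when the name ends in <document>.<executable>, e.g. invoice.pdf.exe."""
    # Windows drops trailing dots and spaces, so normalise before splitting.
    name = filename.strip().rstrip(". ").lower()
    parts = name.rsplit(".", 2)
    return len(parts) == 3 and parts[1] in DECOY and parts[2] in EXECUTABLE


def suspicious_attachments(raw_message):
    """Return the attachment names in a raw message that should be quarantined."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    flagged = []
    for part in msg.walk():
        name = part.get_filename()  # None for body parts and containers
        if name and is_double_extension(name):
            flagged.append(name)
    return flagged


def build_sample():
    """Constructed sample message; attachment bodies are harmless placeholder bytes."""
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("Please find the invoice attached.")
    for name in ("invoice.pdf.exe", "order584755.zip.exe", "terms.pdf"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name in suspicious_attachments(build_sample()):
        print("quarantine:", name)
```

The check works on names only, so it complements rather than replaces content scanning and the backup measures described below.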