Like living organisms, computer viruses continue to evolve, and a particularly nasty new species, the crypto virus, poses a serious threat to all computer users. 
A crypto virus makes your files inaccessible by encrypting them with an unbreakable code. Once the virus software activates and encrypts your files, it will post a message on your computer demanding payment of a ransom, usually around $500, to obtain the decryption key to restore file access. At this point, the victim has only two options to recover the data: restore from backups or pay the ransom.
For those hoping to unlock the encrypted files independently, there is an appropriate New York expression: “fuggedaboutit”. The newest crypto viruses use public key encryption technology that not even the NSA can break.
The brief, inglorious history of crypto viruses began in 2013 when the first malware of this type, CryptoLocker, made its debut. In 2014 law enforcement agents managed to disable the network that was launching this virus, but an estimated $3 million in ransom was extracted from victims. (About 40% of victims decided to pay.) Then other malware programmers unleashed similar viruses, such as CryptoWall and TorrentLocker. These pose a continuing threat. It is estimated that over half a million computers worldwide have been attacked by crypto viruses, and the number is increasing daily.
Following up on my colleague Dana Riel’s post on security last week, the following preventive measures will reduce the likelihood of a crypto virus attack. Implementing some of them will require the assistance of an IT professional.
- Avoid clicking links in any email that is unusual or suspicious, particularly unexpected emails purporting to be from package delivery or financial companies.
- Do not download anything from a website that is not known to be trustworthy.
- Set up policy restrictions in the Windows 7 operating system to prevent email programs from launching programs.
- Wherever possible, substitute server UNC paths for mapped drive locations. The current crypto viruses are not able to attack files in UNC locations.
- Configure your server file security options to block modification of server backup files.
- Use Internet cloud backup services, which cannot be attacked by the crypto viruses.
Even with all of these precautions in place, there is still a risk of encountering a crypto virus attack, especially in larger organizations. In the worst case, the crypto virus will provide an unwelcome but thorough test of your file backup capabilities.
Need help figuring out how best to protect your data and implement a solid defense, including backups? Give us a call at 877-ELS-0555 or email us at [email protected] to see how we can help keep your precious data safe and secure.
Haig Hovaness is an experienced IT consultant who works in the New York office of Crosspointe Consulting Group. Haig earned an MBA in information systems and lists over two decades of experience in corporate IT work. He has published numerous articles on information technology and its effects on organizations and society.