We knew that someday a serious attack like the Cryptolocker malware infection would come. What we didn't know was that the threat could grow exponentially. This attack has gone wild, and no one, not even our experts, saw that coming.
It was two years ago that we first discovered Cryptolocker. Like other online attackers, the people behind it use email to deliver their exploit kit. In Cryptolocker's case, they use a .zip file attached to an email. Once the recipient opens it, the ransomware encrypts all files on the victim's PC, making them completely inaccessible. Well, at least the attacker leaves the victims an offer to decrypt the files: pay the ransom.
Typically, victims panic and look for a way to pay the ransom. Companies are even worse: without asking for a second opinion, many of them end up paying the ransom. So, did it end with the ransom? Unfortunately, paying did nothing.
So, What Should I Do to Avoid a Cryptolocker Attack?
If I were you, I would back up my data regularly. This way, even if the attacker stole and encrypted it, I would still have a copy. You can forget about the ransom and keep the money.
I regularly back up my data. Does that fix the problem? No.
Backing up your data will only keep you from paying the ransom. It doesn't protect you from the Cryptolocker attack itself. In order to detect, prevent, or recover from the attack, you should have these things:
- Malware protection. You need something that can easily detect the threat and eliminate it.
- Cloud-based filtering or firewall that can scan through your incoming emails at proxy and email server levels.
- Visibility to detect, report, and eliminate a Cryptolocker infection. A managed security service, SIEM, or anything similar should suffice as long as you proactively monitor it.
- Trained users. Once you’re infected, you should do things to minimize the impact. If you can’t do it, make sure you have someone who can.
- Backups of data from your server endpoints and shares. Focus on getting the sensitive information stored on your local hard drives.
- Data loss prevention (DLP). With DLP, you can rest assured that none of your information will get to the server endpoint.
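
The email filtering item above, applied to the .zip delivery described earlier, as an added example that is not part of the original article: a mail-gateway style check that opens zip attachments and flags entries a scanner should not let through. The extension list, the function names and the sample message are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: extensions treated as executable; tune this for your environment.
RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".js", ".vbs", ".bat", ".cmd")

def risky_zip_members(raw_message: bytes):
    """Return (attachment, member, reason) for each suspicious zip entry."""
    findings = []
    msg = message_from_bytes(raw_message, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if not name.lower().endswith(".zip"):
            continue
        payload = part.get_payload(decode=True) or b""
        try:
            archive = zipfile.ZipFile(io.BytesIO(payload))
        except zipfile.BadZipFile:
            # A .zip that cannot be parsed cannot be scanned either.
            findings.append((name, "", "unreadable archive"))
            continue
        with archive:
            for info in archive.infolist():
                if info.flag_bits & 0x1:  # bit 0 set: entry is encrypted
                    findings.append((name, info.filename, "encrypted entry"))
                elif info.filename.lower().endswith(RISKY_EXT):
                    findings.append((name, info.filename, "executable inside archive"))
    return findings

def build_sample(member_name: str) -> bytes:
    """Constructed message: a zip attachment holding one harmless text entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, "placeholder content")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Invoice"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(risky_zip_members(build_sample("invoice.pdf.exe")))  # one finding
    print(risky_zip_members(build_sample("invoice.pdf")))      # no findings
```

A message with findings would be quarantined for review rather than delivered; the check matches on entry names only, so it complements content-based malware scanning and does not replace it.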
Those Cryptolocker attackers don't deserve your money. So, never give up even if they threaten you. If there was one person deserve