By: Chuck DeLouis, Special for USDR
Last December, the cybersecurity world was introduced to Cryptolocker, a malware responsible for encrypting files stored on network drives. The platform has since resurfaced as headlines warn of phishing attacks disguised as “decryption tools,” claiming to restore access to files infected by Cryptolocker. Many have fallen victim to these copycat attacks and paid for the bogus software in recent weeks.
As cyber theft becomes a growing risk to businesses, particularly small and medium-sized businesses (SMBs), it’s become critical that organizations take action to safeguard their assets. Research shows 60 percent of companies that lose their data will shut down within six months of the disaster (National Archives & Records Administration in Washington). Cryptolocker and its copycat counterparts are a brutal reminder of how important it is to backup whenever possible.
Businesses are encouraged to follow these best practices to help reduce their risk of attack from the Cryptolocker malware.
Educate users on security best practices
Education still serves as the best way to avoid falling victim to the hands of Cryptolocker or any other malware platform. Business owners should educate staff on popular methods that Cryptolocker masks itself to end users, such as a spoofed email messages. Often, small shop operations “don’t know what they don’t know,” increasing risk. Education is arguably the simplest, yet most important level of protection against cyber attack.
The following guide provides an in-depth look into the origin of Cryptolocker, prevention tips, and the do’s and don’ts if infected by the malware:
The Rise of Cryptolocker: 5 Ways to defend against this new class of ransomware
Maintain up-to-date antivirus, antimalware, and operating systems
Now that Cryptolocker has made its name known, many organizations are jumping to their feet and updating all operating systems with the latest antivirus software versions. These security tools are a necessity for businesses to safeguard themselves against malware products like Cryptolocker that seem to be multiplying in numbers.
Review your managed email security features
Email security software can serve as that extra level of protection by scanning and detecting any suspicious malware before it attacks. As an added layer of security, businesses are encouraged to block certain file types from being transmitted via email, in hopes of reducing the risk of exposure to the malware.
Prevent .exe from running in AppData or LocalAppData folders
Since Cryptolocker operates within the AppData and LocalAppData folders, businesses may block .exe files from running within these folders, to prevent the initial malware download altogether.
Back up your data to an offsite location
Storing all client related materials offsite is always a recommended practice.
Offsite cloud backup has long been a critical component of any disaster recovery effort.
Since Cryptolocker infections are known to infect local drives and network shares, there’s little chance of recovery once attacked by the malware. For this reason, offsite cloud backup serves as the safe alternative.
Tips to remember when setting up your cloud backup:
Choose the right offsite backup solution. Looks for these features:
Cloud-only backup, rather than mandating local and cloud backups
Proprietary backup file formats to minimize the likelihood that the malware encrypts your backup file
Military-grade backup encryption in transit and in storage at secure data centers
Economical archiving and retention capabilities
Keep multiple versions of your protected files
By saving multiple versions, businesses have a greater chance of being able to restore to a clean version of their data
Keep multiple days’ worth of files
Often, a malware infection may go unnoticed for a period of time. Backing up several days or even weeks can ensure a greater likelihood of a successful restoration
About Chuck DeLouis, Vice President of Product Management, Intronis
As the head of the Product Management team, Chuck is responsible for all product decisions including strategy, requirements, and roadmap at Intronis, Boston-based provider of world-class backup and data protection solutions for the IT channel. He has more than 30 years of software management experience and deep technical expertise in databases and data security. To learn more about Intronis, visit www.intronis.com.