How do you Recover Following CryptoLocker Attacks?

CryptoLocker. Seriously? Ransomware is beginning to have more family members than we care to count, but this is one we must pay close attention to as it is primarily focused on extorting money from users.

We have seen a rise in CryptoLocker attacks in the small and medium business (SMB) market as of lately. What issues has this caused? There are several major impacts to business; the time it takes to recover your files, for example. Depending on your backup solution and infected files, on average, it can take anywhere from two to seven days to recover your system.

The cost of the ransom if you can’t restore from a backup? We have seen ransom’s starting at $1,200, and they just go up from there.

Another associated cost is hiring an Information Technology (IT) professional or company to rectify the issue. This cost varies amongst IT professionals, but can range from 10 hours to upwards of 50 hours to rebuild a small business network. With costs ranging from $1,000 to $5,000

How is CryptoLocker infiltrating your systems? Like most ransomware, this too is presenting itself as an email phishing scam where users are tricked into opening an attachment. Typically the attachment is marked as an invoice or statement. Once opened, the virus runs rapid.

We have also been seeing user data being compromised through unsecured, remote desktop services. This exploit is done through hacking an administrator or user’s passwords, then dropping the virus on the network. Many clients want to use remote desktop service to connect from home. Instead, try a secure Virtual Private Network (VPN) connection that will ensure protection of your business.

Did you know that local (USB Drive) backup solutions could also be encrypted? One way to avoid this is to invest in an image-based cloud backup solution. With a cloud solution such as Acronis, Veeam or Daato your backups are safe and secure offsite.

You may also want to purchase a firewall through subscriptions services such as WatchGuard, SonicWall or Fortinet, which also protect against spam, email phishing and other unwanted access to your network. Many small business overlook the these types of firewalls or are not aware of them.

The cost for these solutions are nominal when compared to recovering from a crypto or ransomware attack, and they provide peace of mind. IT companies are experienced with these type of issues and know how to protect your SMB. Call Valeo Networks (800-584- 6844) if you’d like to discuss options on how we can protect your business!

Want to learn more about CryptoLocker and how it works? Panda Security goes into depth on how a crypto attack actually happens: https://www.pandasecurity.com/mediacenter/malware/cryptolocker/.