Experiencing a security breach to your computers is very serious. There have been many reports of businesses having their files encrypted for ransom by the Cryptolocker virus variants. The virus is built using an extremely sophisticated network of servers and command and control centers. The people running this network send out very specific targeted viruses which take advantage of poor security and vulnerabilities in computer software. Once installed, the software will then begin to encrypt your data which will prevent access until the data is either restored from a backup, or until the ransom is paid.The two most common methods of being infected are through email and through the web browser. Without a secure messaging platform, spam messages are sent to your company email addresses which include an attachment that appears to be from a legitimate business. Many times they are labeled as “ADP Payroll” or something else that will catch the eye of your employees. Once the attachment is opened, the virus will then take advantage of a software vulnerability and infect the system. Once installed, it will begin to encrypt all data on the local computer and any network data it has access to.
Once your data is encrypted, there are two methods for getting it restored to working order. The first and best method is to restore your data using your backup system. We offer a couple different solutions which include both on-site and cloud based backups. The second method is to pay the ransom using the requested currency. The majority of these have used BitCoin and require you to use the Tor browser to pay them anonymously. The latest rounds of this virus have requested a payment of $1500 USD or more and are not guaranteed to decrypt your data. Our strategy to combat this epidemic is a two pronged approach. The first is to make sure your backups are in working order. 70% of small and medium businesses either do not have a complete backup solution, or they do not test them if they do. Our second approach is to secure your systems from multiple angles. We will assist in securing your messaging infrastructure to prevent the virus from reaching you via email in the first place. The second approach is to secure your computers at the desktop level through patching, policy, and training.