CryptoLocker was a Ransomware Trojan which infected computer’s, utilising a Windows Operating System. It was first discovered by Dell SecureWorks. The virus hid within email attachments, and spread throughout a user’s computer upon the attachment being opened. Subsequently, you would be informed that the only way to remove the virus, is with security key, which must be paid by a specified deadline. It is estimated that the makers of the original CryptoLocker virus extorted approximately $3million from computer users. The original CryptoLocker virus was decoded in May 2014, with an online service developed to decrypt the Trojan, developed by IT firm’s Fire Eye and FoxIT.
Although the original CryptoLocker virus has been decoded with the help of law enforcement, numerous copycat ransomware Trojans are constantly being developed. Most recently, scammers sent fake NSW Office of State Revenues speeding fines, seeking payment for overdue accounts. Users are directed to download a PDF which demands a ransom to unlock the virus.
It is important for all organisations to implement processes which mitigate the risks of infection from copycat viruses. Strategies to reduce the risk to your business include:
Install anti-virus software: Antivirus software, with deep packet inspection, can scan attachments to prevent the risk of ransomware attack. It is also important to install antivirus updates, to ensure that you are protected from the latest CryptoLocker variants.
Undertake Data Backups: In the event your computer systems are infected, it may be necessary to restore data from a backup. If data hasn’t been backed up, important corporate data may be lost.
Notify employees: Of the risk of opening potentially malicious attachments.