Cryptolocker is the number one malware threat and an especially malicious type of cyberattack. The virus is a form of ransomware, which is a network security threat that penetrates a computer system, encrypts files, and demands money to restore their data.
Here’s how it works: Once you’ve been infected with Cryptolocker, you’ll be asked to pay a ransom fee in exchange for an encryption key that will restore your data. To successfully unlock your files, you will need to act quickly! The encryption key will be located on a secret server and it will be destroyed after a specified date and time. After that, your files will disappear forever.1
It’s an extortion scheme and it can be costly, especially if you don’t have your information backed up. However, by taking precautions, being more aware, and putting additional security measures in place, it’s possible to prevent Cryptolocker from affecting you in the first place. Tyler Hardison, Chief Technology Officer (CTO) of STN, says “if your business relies on data, that data has a cost, worth, and value and you need to take preventive measures to protect that.”
The hidden costs of Cryptolocker
Whether you pay your cyberattacker the fee of not, there will be a price for Cryptolocker. You could permanently lose sensitive information and valuable data and suffer costs due to a wide range of other factors, including:
- The disruption of regular business operations
- Potential harm to an organization’s reputation
- Financial losses from restoring systems and files2
STN recently saw an example of these types of unexpected costs that can come from Cryptolocker. They had a medical device client who was hit by the Cryptolocker Virus, and even though they had offsite backups to restore their information, their network was down for four days and they suffered profit losses. Tyler Hardison said, “while our client was prepared, the bigger issue was that they had to endure several days of downtime as they searched for their point of infection.”
Prevention is the best medicine
Being more mindful of the emails you receive is the best way to prevent Cryptolocker. The virus is usually spread through social engineering efforts, which are attempts by cyberattackers to manipulate people into clicking on a link to infect their computers with malware. This often comes in the form of emails asking you to pay fines to stay out of jail, renew your auto warranty before it expires, claim the inheritance of a non-existent relative, or some other far-fetched narrative. But instead of providing you with a fortune, clicking on the link in the email will infect your device with the Cryptolocker Virus and potentially spread across your organization’s entire system.
To help identify whether a threat is real or not, practice critical thinking. By taking a moment to carefully inspect emails, it’s possible to see through the imposters and avoid infection. Tyler Hardison says, “by being more mindful about what arrives in our inboxes, we can greatly reduce the number of malware attacks and defeat social engineering.” Tyler suggests following a few basic principles:
- When you receive emails from unknown senders, be suspicious, not curious
- If an email attachment looks sketchy, ask the sender to confirm its validity
- Don’t trust an email? Then don’t open it
In addition, he recommends that organizations implement strong perimeter defense technology like Firewall as a Service (FWaaS), educate their employees on social engineering, and only use whitelist websites in corporate environments—which helps to prevent security breaches and boosts employee productivity.
To pay or not to pay?
If you fall victim to a social engineering scheme and end up infected with Cryptolocker, you’ll have to choose whether to pay the ransom fee or not. Tyler Hardison says, “smaller households and businesses generally do get their encryption keys when they pay up. No matter how shady of a business a cyberattacker is running, they’re still a business and they have a reputation that they need to uphold.”
To put it in perspective, if a cyberattacker gains the reputation of never returning keys to their victims, then no one would bother paying the ransom fee they ask for. So to continue scamming customers, most cyberattackers will make good on their offer. However, it’s important to remember that they are criminals and can’t be trusted. Ultimately, the decision of whether to pay the ransom fee or not is an individual one that each victim must make for themselves.
Working toward a more secure future
Because Cryptolocker has a relatively easy point of access, it has been able to penetrate the systems of thousands of homes, small businesses, and large companies. But, by improving their perimeter network security and being more aware of social engineering scams, both individuals and organizations can protect themselves from the many burdens of the Cryptolocker Virus.