CryptoLocker Alert

A new Virus that may lock up your data!
There is a severe virus / ransomware that is hitting many small business customers. The virus comes in through users clicking on seemingly harmless email attachments that are actual viruses. The attack may then install itself on the system and begins to go after your key files. It can look for any Office or database file and encrypt it. It will also search out across a network (including your server) for any files that are also an Office or Database file and encrypt them as well. It may then throw up a message on the screen asking for payment to decrypt the files.

We have been notified that several of our existing customers have been infected by a specific breed of Ransomware known as CryptoLocker that has been making the rounds over the last few months. This malware uses social media or email to attack, and users will see a message purported to be from known entities. The enticement for a user is that it is legitimate, they open it, and now they may become infected.

Corrective actions may involve: (1) Removal of the malware from all infected computers, and (2) restoration from a prior backup.

Once infected the only recovery is to restore from backup. Be very careful in opening up any attachment, as many report that it was an attachment to a Shipping notice or a Banking email.

Be Proactive

Be aware that antivirus alone may not protect you.

1. We recommend rotating at least two sets (more is better) of backups/tapes on a daily/weekly basis: One example might be performing daily incremental backups and then a full backup at the end of the week with a single drive that will then be taken off-site. Repeat this process with a second drive the following week. Another solution might be rotating between different drives on a daily basis and then the weekly full back-up. This will help to provide, in most cases, that at least one of the backups would remain unaffected in the event of drive failure or an infection. (Remember always unplug your back up after use.)
2. In addition to the rotating of a local backup solution, a cloud backup solution (i.e.: Carbonite) could be added as a secondary back up.
3. Also add a professional firewall appliance (i.e.: Sonicwall) to filter network communications and to aid in blocking known server communication associated with the cryptolocker virus.

Although there is no guarantee against any virus or data loss, having layers of protection is your best defense.

Please feel free to give us a call or an email if you have any questions or would like us to stop by for a check up.