When a user gets a virus, the first question they ask is, “why does someone create a virus, it’s not like their making money from it.” These days that statement couldn’t be more wrong.
Cryptoware is a form of Ransomware which essentially takes your PC and all the files within it hostage. The virus may be executed by opening an email or clicking a link on the web. Once executed an application runs and encrypts all data on your PC making Word, PDF & Pictures unable to open. You know you’ve been hit when you start seeing files named How_Decrypt.txt in every directory.
For every directory that you see a How_Decrypt.txt, that directory is held ransom. If you open this text file you will see instructions on where to send money to decrypt all your files over the web. There is even a site where you can restore 2 files just to confirm that restoration is possible. This is where it gets interesting. Many reviews on the internet say that they DO restore your data without any further issues. But as an IT professional, I must ask, how certain are you that this won’t happen again? The ransom is anywhere between $300 and $500 and doubles after 3 days. You also have a limited amount of days to comply before all your data is encrypted indefinitely.
There is no antivirus software out there that can stop this, but that doesn’t mean you shouldn’t have one. Sophos or Kaspersky is good to have, but remember, there is no perfect antivirus software out there that will protect your firm 100%. We recommend an enterprise firewall. A firewall would block email spam and web popups that may be carrying the virus, thus avoiding it altogether. The only way to really save you firm is to have a solid offsite backup with revisions. This means that if you wanted to restore to a data set from 3 days ago you would be able to do so avoiding any encrypted files received one day prior. You may lose a day of work but that’s better than losing your data in its entirety.
Another way to avoid this issue to go move your firm to the cloud. The managed backups and security in place within Rekall’s cloud will ensure you survival if you get hit with Ransomware.
A backup is the only thing that can save your firm against Cryptoware, and not a usb backup because Cryptoware will encrypt the contents of any USB device as well. Cryptoware 2.0 will even jump from PC to PC and even to the server if it sees it on the network through mapped drives. Have a proper cloud backup to avoid this nightmare.
Groups behind Crytoware & Cryptowall have raised over $3 Million in 2014 by ransoming PCs. It will most definitely bring your firm to its knees as it has shut down government entities all over the world, be prepared.