Thursday, July 16, 2015

Beware of CryptoLocker

A few times this year I have been called to computers that had been infected with a particularly nasty virus known as CryptoLocker, or one of its variants.

This has been around for a couple of years now and works by getting onto your computer and encrypting all your data files (documents, music, pictures, everything!) so that they are useless.  It is not possible to decrypt them without a private key which only 'they' have and they offer this to you for several hundred dollars.

Whether you pay the ransom is up to you, but there's no reason to believe that even if you did, they'd give you the key!  Apparently around 1.3% of people have paid up and this has netted them several million dollars!

Of course it's illegal, unethical and nasty but ranting about it doesn't stop it happening!

It is important that you are properly protected and there are a few things you can do to help yourself.

Firstly, if it does happen it would be nice to recover all your data from a backup so make sure all your data files are backed up and the backup device is not left plugged into your computer (otherwise that will get encrypted as well!).  You might also consider backing up to cloud storage using one or more of the free services available such as Dropbox or Google Drive.

Of course, you really want to avoid getting infected so don't do anything silly!  By that I mean don't open any email attachment unless you are 100% certain it is safe: you know where it came from, you know what it is and you were expecting it.

There's also a free piece of software called CryptoPrevent which can be downloaded from which will set rules on your computer that would prevent such rogue software from running.  It works by setting restrictions that prevent programs from running if they're not in a correct location so anything that installs itself to a strange place and then tries to run will be blocked.
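
To show how location-based rules of this kind decide what may run, here is an added example that is not CryptoPrevent's code and not part of the original post. It is a simplified Python model of path rules with `%VAR%` expansion and per-folder wildcards; the user `alice`, the rule list and the sample paths are constructed assumptions, not CryptoPrevent's actual rule set.

```python
import fnmatch
import ntpath
import re

# Constructed environment for a hypothetical user "alice".
SAMPLE_ENV = {
    "APPDATA": r"C:\Users\alice\AppData\Roaming",
    "LOCALAPPDATA": r"C:\Users\alice\AppData\Local",
}
# Assumed, illustrative deny rules; not CryptoPrevent's real rule set.
DENY_RULES = [
    r"%APPDATA%\*.exe",
    r"%APPDATA%\*\*.exe",
    r"%LOCALAPPDATA%\Temp\*.exe",
    r"%LOCALAPPDATA%\Temp\*\*.exe",
]
# Constructed sample paths covering the interesting cases.
SAMPLE_PATHS = [
    r"C:\Users\alice\AppData\Roaming\invoice.exe",         # dropped in profile
    "C:/Users/ALICE/AppData/Local/Temp/7z01/setup.EXE",    # odd case and slashes
    r"C:\Program Files\..\Users\alice\AppData\Roaming\x.exe",  # '..' disguise
    r"C:\Program Files\Mozilla Firefox\firefox.exe",       # normal install
    r"C:\Users\alice\AppData\Roaming\a\b\c\deep.exe",      # deeper than any rule
]

def expand(pattern, env):
    """Replace %VAR% tokens using the supplied environment mapping."""
    return re.sub(r"%([^%]+)%", lambda m: env[m.group(1).upper()], pattern)

def segments(path):
    """Normalise case, slashes and '..', then split into path components."""
    return ntpath.normcase(ntpath.normpath(path)).split("\\")

def matching_rule(exe_path, rules=DENY_RULES, env=SAMPLE_ENV):
    """Return the first deny rule covering exe_path, or None if it may run."""
    target = segments(exe_path)
    for rule in rules:
        parts = segments(expand(rule, env))
        # '*' must not cross a folder boundary, so compare component by component.
        if len(parts) == len(target) and all(
            fnmatch.fnmatchcase(t, p) for t, p in zip(target, parts)
        ):
            return rule
    return None

if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        rule = matching_rule(path)
        print("BLOCK" if rule else "allow", path, "<-", rule)
```

In this model the last sample path is allowed because the rules only reach two folders deep, which is why rules like these work alongside backups and careful handling of attachments rather than replacing them.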