Ransom-Ware meets ClickAddicts

Recently I have had the fortune of coming across this new program called Cryptolocker. It is a rather nasty form of Ransom-Ware that embeds itself by the usual methods: emails, web links, and ad blocks on websites.

Now, for those of you who do not know what Ransom-Ware is: it is a virus, or worm, that, once installed, wreaks havoc in one form or another on your computer, often doing irreversible harm, and then holds your files and information for ransom. Once it has done its damage, it notifies you that in order to have everything return to normal, you must pay x amount of dollars. This amount can be anywhere from $200-$1000.


Cryptolocker specifically, once installed, goes through and encrypts every single picture, music, and document file that resides on your computer, as well as any files you have access to on network drives or shares (this is especially bad for businesses). Once it is done encrypting everything, you are notified that unless you want all your stuff to stay permanently encrypted, you have to pay the price to have everything decrypted for you.

Why not just leave it alone and not pay? Encryption makes the files unreadable without a deciphering key. The information contained within them ends up looking something like this:

è¥ ö±t.Qª{>ŒlJ{‚mÑ/{Ó¬Á¦§]ŸÚ’é‰H‡ @VKºÅ þTe>½’•œJ] «–Ö 8ñj÷h’åÃ8uRû”† È[î v~T*•¢ S•O 2Ên†+Ð$þ ø!†±ò (¸E0 õ¯B2e¯±YO MÎ…µ©#­ÕôØ+Nè†óU^æ 9½'úSG±™ LÏ¿$FýSÆŽ¶¢ ’,ìÁ 
For all you know, that could have just been a recipe for Spaghetti, but now it's all garbled by the encryption (this is why the military uses encryption to keep their files safe). After you pay your ransom, Cryptolocker releases the key to you so that your computer can go back and decrypt everything. After that you can remove the program using Malwarebytes or another similar program. Sure, you could uninstall it prior to that, but then all your pictures of baby Joe doing the wiggle will be lost forever (unless you backed them up).
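Because encrypted content looks like random bytes, a defender can use that property to find which files were hit before restoring from backup. The following is an added example, not part of the original post: it flags files whose header no longer matches their extension or whose text content has near-random entropy. The entropy threshold, the sample file names, and the assumption that encrypted files keep their original extension are all assumptions; `os.urandom` stands in for ciphertext.

```python
import math
import os
import tempfile
from collections import Counter

# Leading "magic" bytes that healthy files of these types start with.
MAGIC = {".jpg": b"\xff\xd8\xff", ".png": b"\x89PNG\r\n\x1a\n",
         ".pdf": b"%PDF", ".docx": b"PK\x03\x04"}
ENTROPY_LIMIT = 7.0  # bits per byte; assumed threshold, tune on your own data


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8 for ciphertext, roughly 4-5 for English text, 0 if empty."""
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def looks_encrypted(path: str, sample_size: int = 65536) -> bool:
    """Flag a file whose content no longer matches what its extension promises."""
    with open(path, "rb") as fh:
        head = fh.read(sample_size)
    ext = os.path.splitext(path)[1].lower()
    if ext in MAGIC:
        # Compressed formats are high-entropy even when healthy, so check the header.
        return not head.startswith(MAGIC[ext])
    # Text-like files: healthy content has low entropy; skip tiny samples.
    return len(head) >= 256 and shannon_entropy(head) > ENTROPY_LIMIT


def scan(root: str) -> list[str]:
    """Return the sorted relative paths under root that look encrypted."""
    paths = (os.path.join(d, f) for d, _, fs in os.walk(root) for f in fs)
    return sorted(os.path.relpath(p, root) for p in paths if looks_encrypted(p))


def demo() -> list[str]:
    """Scan constructed sample files; random bytes play the role of encrypted data."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "recipe.txt": b"Boil the spaghetti for ten minutes, then drain.\n" * 20,
            "recipe_locked.txt": os.urandom(4096),
            "joe.jpg": b"\xff\xd8\xff\xe0" + os.urandom(4096),
            "joe_locked.jpg": os.urandom(4096),
        }
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return scan(root)
```

Run `scan()` read-only against a share or a restored copy; a sudden jump in flagged files between two runs is the signal worth alerting on.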

My experience was on a private network, at a job site. Somebody happened to click on a link, it installed Cryptolocker, and over the course of 2 hours, every file on their computer as well as their work servers was encrypted so that NOBODY had access to it. Thankfully somebody had warning and was able to lock the server to Read Only, which stopped the virus from doing further damage; however, everything from the past 2 days was lost. Everything had to be reverted to a backup from a "known good" which was written 2 days prior.

Now think of that on a normal business scale: the more employees you have, the more money you lose, with deadlines not met, unhappy customers, etc. Just say you pay 100 employees $10 an hour for a standard 8-hour workday. With 2 days of work lost, that is 100 × $10 × 8 hours × 2 days.

You lost $16000 because somebody couldn't help themselves and just had to click that link :)
