Among the many kinds of wicked online traps that users must beware, one of the most vicious kinds is called “ransomware“. This is a generic term for a type of malicious software that encrypts all or the most useful of the victim’s files, making it impossible to open or do anything until a ransom is paid to the cybercrooks. As in many kidnapping cases, their demands can greatly escalate if not paid quickly. But even if the ransom is paid, the victim very often does not get what was taken back.
Fortunately, this last summer, a particular nasty specimen called CryptoLocker was finally broken open by two Internet security firms, FireEye in California, and Fox-IT in the Netherlands. Once they recovered the encryption keys, they put up a free site, decryptcryptolocker.com, to help victims get their precious files back. The details of how they were able to do this are sketchy, but the opportunity apparently arose after an international effort by law enforcement agencies, Operation Tovar, successfully took down the GameoverZeus botnet. Since then other tools and policies to avoid infection have been developed.
CryptoLocker is usually spread by email attachments but can also be spread through by malicious websites exploiting outdated browser plug-ins. More information about how it works can be found here. Though the malware itself is surprisingly easy to remove, decrypting files is not so easy. Thus the tools.
There is, however, an easier way of dealing with this mess, one that also eliminates any worries about losing files from dead hard-drives or other causes. By backing-up files regularly, users can sleep much better knowing that even if they fall for a cybercriminal’s ruse, they need not be a victim.
But backing up usually requires discipline. The user must remember what needs to be backed up and do it when it needs to be done (like every night) and to place the copy (or copies, if being particularly cautious) in a safe, preferably off-site, location. It’s not easy and is asking a lot of most people. But the costs – temporal, financial, and psychological – of not doing so is great. Speaking from personal experience, booting up a computer to find a dead drive and years worth of work gone forever without a trace is as haunting an experience as it is traumatic.
There are many different strategies to back-up files – any one is better than none at all if done regularly. A white paper detailing all the pros and cons can be found here. Perhaps the most optimum solution is to back-up to the cloud, where files are available from any web-browser. In the case of dealing with something like CryptoLocker, once the computer is cleaned out, the files can be easily downloaded like the attack had never happened. It can save the user effort, grief, and if tempted to pay the ransom, money, often a lot of money.
This is not just theory. Recently, one of our customers got bitten by CryptoLocker. Fortunately, the member used Southwest Cyberport’s back-up system, and was saved from a world of hurt when all the person’s files were restored.
Yet all clouds are not equal. Users may not know how safe from prying eyes their files are. If depending upon a free service, terms could change without warning. Plus who knows what the provider could be looking at? They have to pay for that “free” service somehow…
SWCP’s online backup system, the SWCP BUS, is economical, automatic, incremental, and supports encryption. This means that a users’ files are stored inexpensively (starting at $10/month, plus discounts are given for SWCP broadband users), on whatever convenient schedule the user decides.
Furthermore, only the changed parts of files are uploaded, and old copies are kept for a period. So if a user needs a deleted or altered section, the original is still there. And since the system supports encryption, safe from all eyes.
With Operation Tovar and the free tools, users got a break. But CryptoLocker is still out there, and Russian criminal hackers are still busy concocting more mischief. The only way to be secure is to back-up files, however a user chooses to do so. We offer the SWCP BUS because we know that easier is better.
And a good night’s sleep is priceless.