Cryptolocker, that nasty piece of ransom-ware, is back. In the last two days I have had two separate customers reach out to me for assistance after their PC was infected.
Cryptolocker is an insidious piece of malicious software that works by encrypting your personal files and making them inaccessible unless you pay a ransom to the crooks that deployed it. The folks are indiscriminate and the reality is that, even if you pay the ransom (which is NOT recommended) there is absolutely no guarantee that your files will be unlocked. This could mean that your critical business data, or treasured family memories (photographs, videos etc) are gone for good.
Where does Cryptolocker come from?
Cryptolocker is typically deployed via infected attachments (usually PDFs) on fake Emails purporting to be from reputable businesses / agencies. Once it has infected your machine it will take some time to encrypt all your files, but once done there is no way back. Cryptolocker is particularly invasive and will spread to USB storage devices attached to your PC and network shares.
Cryptolocker - Protect Against IT
Cryptolocker can be removed using a good Malware removal tool, however this will not undo the encryption and your personal files will not be recoverable.
With the above in mind it is critical to ensure that you have reliable Internet Security software installed on your PC(s), and you cannot rely on Free anti-virus to protect you. We strongly recommend that you use a reliable Internet Security Suite which combines a robust firewall, and solid anti-virus protection.
Too many people are blasé about backups, but a reliable, clean, backup is the best form of insurance to protect against the potential data-loss caused by Cryptolocker.
How to recover from Cryptolocker
As stated above, there is unfortunately no way back for your data unless you can restore it from a 'clean' backup that was taken prior to the infection. And if your backup was connected to the PC (such as a portable USB drive) then it may well have been compromised.
If you have been infected, talk to Excalibur. We can help by getting your PC back up and running, and advising you on security and backup solutions to protect against future infection.