Hundreds of millions of dollars have been paid to cyber criminals since 2013 as ransom to unlock encrypted files. One of the most notorious pieces of ransomware is known as Crypto Locker. Crypto Locker typically arrives in the form of an email link or attachment. Once the email recipient clicks the link or opens an attachment, the Crypto Locker virus is downloaded and begins to replicate itself on the network while encrypting files on the host.
At a point in the process, the Crypto Locker virus displays a message to the screen indicating that your files are now encrypted. To restore these files, the end user must pay a ransom to receive the encryption key that will return the files to normal. If that fee is not paid, the encrypted files are all but lost. The only practical options available to the end user is to restore from backup or pay the ransom.
As the Chief Security Officer for Orion Group, my job has been to educate our clients on the dangers of responding to unsolicited emails to avoid just such a situation. We encourage our clients to take file backup very seriously and to test those backups regularly. Each client is configured to run an email focused antivirus scan on all inbound and outbound emails. Even with many of these and other precautions, our customers have become victim to the Crypto Locker virus – with costly consequences.
I subscribe to HealthITSecurity, an online news and resource for Health IT security pros. Through this service, I received a recent link to a handbook called Ransomware: Hostage Rescue Manual by Adam Alessandrini. In this excellent manual, Adam discusses:
• What is ransomware?
• Am I infected?
• If I’m infected, now what?
• How to negotiate and pay the ransom.
• How to protect yourself in the future
• And includes a list of helpful references.
You can access a copy of this manual be clicking on the link above.
Because ransomware can be so devastating, this is a must read and timely topic. Ask your managed service provider what they’re doing for you to help you protect against this cyber-criminal activity. With the knowledge you’ll gain by reading through Adam’s manual, you’ll be in a great position to ask good questions!