Sales
0161 215 3814
0800 953 0642
Support
0800 230 0032
0161 215 3711

Decrypting Cryptolocker

As we said earlier in the week, cyber security threats can come in all shapes and sizes. Right now our hit-team of security experts have noticed an increasing trend in Cryptolocker ransomware. Oh good. As ever, when a specific type of threat surfaces, it’s important to educate yourself – and your team – on what to look out for and make sure you know what to do if the worst should happen.

Cryptolocker rise

What is ransomware?

So first up, what on God’s green earth is ransomware? It’s essentially a type of malware that encrypts your data, freezes it so that you can’t access it, and then demands money for the decryption key. It’s been tipped as one of the top threats of 2016. If it was a young celebrity terms, it would be ‘one to watch’.

And this ‘Cryptolocker’ business and why’s it on the rise?

Cryptolocker is a strain of ransomware. It’s been around for a while, but copycats come out with stronger encryption keys and improvements all the time, which is potentially why it’s on the rise.

How do I protect myself?

  • The first line of defence is educating anyone that logs onto your server. Never open email attachments from sources you don’t recognise; and be aware that attackers are using increasingly sneaky methods to make it look like they are legit, so be extra vigilant.
  • Don’t go to untrusted websites either – hover over links before you click on them to check they’re going to take you where you want to go, and not down a rabbit hole of bad times. You can copy and paste unknown links on link expanders like http://wheredoesthislinkgo.com/ first to test where they’re actually going to take you.
  • Anyone that logs onto your server should make sure they have complex passwords and that your server usernames are not common names i.e admin, administrator or test. Yes, it’s a pain to remember, but less of a pain than having all your business messed with.
  • The users which are on the server should have the correct permissions set, so you only give administration rights to server administrators. If users of the server only need access to one folder, give access to only that folder.
  • If you’re only accessing the server from specific locations and you have a static IP address, use your firewall to restrict ports used for administration to specific IPs. Our clients can change their firewall settings in their MyUKFast client portal.
  • The last line of defence is having good and healthy backups in a separate location. Most of the time there’s no way to get around ransomware so this is the only way to recover your data if the server. We have a range of backup solutions available at UKFast so give us a call if you want to discuss your options; otherwise you could find yourself paying the price – quite literally.

Find out more about our security arm, Secarma, and the solutions on offer at UKFast.

Share with:

Enjoy this article?