CyptoWall, CryptoDefense, CryptoLocker…different names for the same powerful ransomware virus.  You know that you are the victim of a CryptoVirus if you see a message like this:

What is a CryptoVirus

CryptoViruses can enter your computer the way other malware does such as unpatched versions of Java or Flash and phishing emails. Once the Zip file runs on your computer, a Trojan will place itself in a location such as AppData or Local App Data and add a key to ensure it always runs as soon as you start up your computer.

The Trojan malware then encrypts files on BOTH the hard drive and accessible network drives. The CryptoVirus has now gained access to these files and hidden them behind a private key. It will inform you that you cannot get your files back unless you pay them a ransom within a certain time frame.

How to Prevent a CryptoVirus

Don’t wait for a virus to hit your computer to create a proper defense plan.

• Security Training: Make sure your team is informed about the latest Crypto threats, and knows how to identify suspicious emails. Show examples and inform people to call and ask a sender before opening an email they are unsure about.
• Routine Patching: Every program on your computer, from Java to your Antivirus system, should be patched as soon as one is released. Hackers take advantage of discovered flaws in older versions.
• Restrictions: It is possible to put restrictions on the computer for software downloads and files executing automatically. This can limit the download of legitimate files, but is worth it to protect from virus threats.
• Backup your data: Whether it’s on an external hard drive or on a cloud solution, restoring from a data backup is the only way to retrieve your files. Without they key, you will likely never get those files back in the current form. A backup ensures minimal data loss if you are updating it frequently.

Whether it’s personal items such as family pictures or information vital to your everyday productivity such as workplace documents, it might feel tempting to pay the ransom. But if at all possible, do not pay the CryptoVirus hacker.

Yes- your files are important. But there is a chance that even if you pay- the hackers might not give the files back. They are already taking part in illegal activity, and have no reason to return the files to you.

You should also consider that paying hackers makes CryptoViruses a business model. By giving them money, you are reinforcing the idea that they can profit off innocent people accidently downloading a file. It will only encourage them to continue to improve the virus.

Instead, make sure you are working with an IT professional who is equipped to restore a backup and run scans to ensure your computer is now virus free.