Tuesday, December 17, 2013

Protecting your Data from New Types of Attacks - Cryptolocker Malware

In case you have not heard, there is a new and particularly nasty attack against user data going on.  While the type of attack was created back in the 1980's, it is now circling back in an ugly way in an effort to deny you access to your own data for financial gain.  According to the article in Info Security, the Cryptolocker Malware is a type of attack that uses asymetric cryptography that completely locks you out of your data.  This attack does not slow down your system or cause pop ups, it is a full denial of all data.  In the four days between October 27 and November 1, 2013, approximately 12,000 hosts were infected with this attack according to the article.  

The reason behind this type of attack?  The perpetrators are using the attack to bully victims into "purchasing back" their data.  For a reported $300, if paid within 72 hours, the victims can buy back access to their hijacked data.  Unfortunately, not everyone wants to reward this behavior or even has the ability to spend $300 to get their data back.  This is especially true for those of us who have taken the time to implement a backup solution for our data.  However, what you need to know about this particular attack is that it locks you out of your local drives as well as any attached devices or mapped drives.  So, if you back up your data to an attached flash drive or USB device and those are connected to the computer when the computer gets infected, you will also be locked out of all of the files on those devices as well.  This, in effect, renders your backup solution useless.

Here are some steps you can take to protect yourself from this and any type of attack:

  1. Make sure you have antivirus software installed on your computer AND that it is up to date.  Having antivirus software without updating it is like having expired car insurance - it will not help you when you need it most.
  2. Disconnect your backup devices once your files are copied there.  If you use flash drives or USB devices connected locally to your computer, make sure you unplug them between backups.  This way if your computer gets infected, all the files you have backed up will not be compromised.  Alternatively, use more than one backup device and rotate them out to a safe location for a better disaster recovery option.
  3. Use caution when clicking on links and attachments in emails.  I am sure this has been said before, but it cannot be stressed enough because it is one of the most common and easiest ways to compromise your computer system.
  4. Use an online backup solution.  Backing up your data to an online system greatly reduces the risk to your data.  Using an online backup service like ours, with plans that start as low as $22 per year, means you can reinstall the software on your system and download the complete set of your data without losing any files.  
Unfortunately there seems to always be a threat to the data we keep.  Whether it is a weather disaster like a flood, a computer being stolen, a hard drive crash, or simply clicking on an email link, there are still steps you can take to protect your valuable data.  One of the biggest benefits of using our online backup service is 24 hour access to your backed up files.  In the event of a disaster, you can log into your account from any Internet enabled device and pull up any document you have backed up.  This functionality brings peace of mind for anyone who has ever had a paper due the next day of class, a presentation to give at a conference, or a business to run.

As always, be careful with who you trust and when in doubt, proceed carefully!

No comments:

Post a Comment