Subject: Important Security Information about CryptoLocker Ransomware virus
Author: the Technology by Design security team
Released: 5:25 pm Monday, November 11th, 2013
For immediate release
We have become aware of a serious new virus outbreak. This outbreak is more serious than normal because there is no possibility of recovery after infection. The CryptoLocker virus is a ransomware virus. Ransomware is a virus which demands money to clean the computer or remove the threat. Up until now these have always been false threats, and simply cleaning the machine restored normal operation.
CryptoLocker is different: before displaying the ransomware message, it encrypts files so they cannot be accessed without paying the ransom. Any files the infected computer and user have access to can be, and often are, encrypted, including shared files and folders on network drives, servers and NAS devices. Once the ransomware message is displayed, users have about 72 hours to pay the ransom.
The only solution to this virus is to either pay the ransom or recover from backup. Paying the ransom is not recommended because a) there's no guarantee of payment working, b) paying exposes the victim to credit card fraud and identity theft, and c) paying the ransom funds criminal activity.
Technology by Design's recommendation is to make sure you have a good, functional backup solution in place and to verify that you are able to restore from it. Once the backup solution is in place, it's equally important to verify that your critical business and personal files are included in the backup.
While a multi-layered, multi-vendor threat management solution is the best possible protection (we recommend a Netgear UTM appliance between your network and the internet and AVG CloudCare on your workstations), there is still the possibility of infection. No protection is 100% effective, and none replaces the need for a properly configured backup solution.
We would be glad to discuss your current backup and threat management solutions and options, verify your backup configuration, and verify your recovery procedure.
You can read the United States Computer Emergency Readiness Team's notice on CryptoLocker here: