Well, if you haven’t already heard of this menace, then this article is for you. This insidious piece of malware is the most difficult to recover from, and recovery is near on impossible. It usually comes in the form of an email asking you to check a link. It then encrypts your documents and picture files, amongst others, and by the time you realise what is happening it pops up a dreaded window telling you that unless you pay the ransom through an online payment system, you won’t have access to your data again.
This is the scourge of a computer technician’s job. Removing the virus is not the issue here; it is the encryption of your files that makes it nigh on impossible to recover from. This is because Cryptolocker is a ransomware virus that encrypts your files using asymmetric encryption, which requires both a public and a private key. The public key is used to encrypt and verify data, while the private key is used for decryption, each the inverse of the other.
The bad news is that decryption is near impossible unless you have the private key, which is stored on the cybercriminals’ server.
In the last two weeks I have had half a dozen calls from clients who have encountered an email from Australia Post advising that they tried to deliver a parcel and to click on a link to view the delivery details, but alas it is a link to this dreaded malware and it just takes over your PC.
So why am I writing this? Well, prevention is better than the cure. It is malware like this that makes people wonder what the best way to deal with it is: should I pay the $300USD to recover my data, or should I pay a technician to see if they can recover my data?
The short answer is, you have no guarantee that the hijackers will provide you the decryption, and in my experience less than 30% ever do. You have a better chance of your technician attempting to recover your data, but it isn’t pretty and in 80% of cases it is futile and all is lost. I rang around some local computer technicians and computer stores, who agree in general with those statistics.
So how do you protect yourself from this nasty? Well, unfortunately ransomware attacks have been around since 2013. That was my first indoctrination to this insidious little beast, and at the time it hadn’t developed enough to provide a tech proof solution, but over the last three years it has been butchered by many other malware hackers and has now become nigh on impossible to recover from. So I would suggest that you back up your computer. Use the native backup software or purchase backup software that will literally image your hard drive, and do a backup regularly, once a week at least, because if you get caught you have only lost a week’s worth of material. If you download a heap of photos or have completed a lot of work, then back up after that, just to be sure.
Take precautions, because if this does happen the only real way to deal with this malware is to wipe the computer and reload the backup. See if your email security has the ability to filter files that have .EXE extensions, or to deny emails that have files with two file extensions. Contact your internet security provider about this; they may be able to walk you through how to activate it.
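The attachment check described above can be sketched as follows. This is an added example, not part of the original article or any security product; the extension lists, function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed lists for this example; tune them for your own mail filter.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def check_filename(name):
    """Return the reasons an attachment name should be blocked (empty if none)."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows ignores trailing dots and spaces, so strip them before judging.
    base = base.strip().rstrip(". ").lower()
    exts = ["." + p.strip() for p in base.split(".")[1:] if p.strip()]
    reasons = []
    if exts and exts[-1] in EXECUTABLE_EXTS:
        reasons.append("executable extension " + exts[-1])
    # A document-looking extension followed by another one is the usual disguise.
    if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
        reasons.append("double extension " + exts[-2] + exts[-1])
    return reasons

def scan_message(raw):
    """Map each suspicious attachment filename in a raw email to its reasons."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        reasons = check_filename(name)
        if reasons:
            findings[name] = reasons
    return findings

def build_sample():
    """Constructed sample email with three harmless dummy attachments."""
    msg = EmailMessage()
    msg["From"] = "delivery@post.example"
    msg["To"] = "user@home.example"
    msg["Subject"] = "Parcel could not be delivered"
    msg.set_content("Please see the attached delivery details.")
    for name in ("parcel_details.pdf.exe", "photo.jpg", "label.doc.zip"):
        msg.add_attachment(b"constructed sample bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in scan_message(build_sample()).items():
        print("BLOCK", name, "->", "; ".join(reasons))
```

Names such as backup.tar.gz or notes.v2.pdf pass, because the double-extension rule only fires when a document-style extension is followed by another extension.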
Use a reputable security suite, and make sure it is up to date. Be wary about the origin of the emails you open, and avoid clicking embedded links found in unverified emails.
If you have any worries or may be infected, please contact your technician as soon as possible to weigh up your options. Otherwise, just remember that prevention is better than recovery. As always, if you have any questions you can contact me.