Cryptolocker Protection and Removal

Cryptolocker is a sophisticated variant of ransomware that’s grown in infamy in recent years.

And while the original strain has been neutralised, copycat cyber security threats still exist. So for ease of use, we’re going to refer to them all as Cryptolocker.

So let’s look at what Cryptolocker is, and how you can provide Cryptolocker protection for your Brisbane business.


What is Cryptolocker?

Cryptolocker is a malware program that has shown itself to be more dangerous than standard ransomware.

Cryptolocker doesn’t just go after the files or devices on your network—it works faster, and goes further, and can affect an entire mapped drive. So your C: drive, E: drive, all of it.

And more insidious than that, it can also spread to external devices, such as USBs, external hard drives, and folders in your cloud networks.

Once Cryptolocker infects your computer, network, drives, or files, you’ll receive a notification telling you that your files have been encrypted. This will say that a ransom must be paid to retrieve them, and you can only unlock your files with a decryption ‘key’ provided by the hackers.

This response is timed, too. The original CryptoLocker ransomware gave victims 100 hours to pay the ransom, or their files would be deleted. Copycat cyber security threats present themselves in much the same manner.

At present, Cryptolocker only affects those systems running Microsoft Windows. Mac users are safe, for now.

What is the impact of Cryptolocker?

Given its more aggressive and vicious spread, Cryptolocker can do more damage than your average ransomware. It can prevent access to entire drives, shutting down vast elements of your business operations. It can disrupt IT systems, and spread into IoT-connected devices, with the potential to bring entire supply chains to a standstill.

How to protect your business against Cryptolocker

There are a few key steps that provide your business with protection against cyber security threats like Cryptolocker.

  • Protection from Cryptolocker begins with safe internet use protocol. Provide regular internet safety training for all your staff, and their families. After all, common sense isn’t always commonsense. Ensure that everyone knows they shouldn’t open suspicious emails, or anything from unknown email addresses.
  • Make sure everyone knows what ransomware is, what Cryptolocker is, the potential effects, and how it can be spread. Provide clear instructions on what to do in the event of a Cryptolocker attack.
  • Another way to improve Cryptolocker protection is to restrict user access. Ensure users only have access to files and folders that are necessary to do their job. This works to contain the damage; the smaller the attack surface available to ransomware, the smaller its spread will be, and the less can be encrypted.
  • Install application whitelisting software to ensure only approved software is running on your networks.
  • Ensure your antivirus software is up to date and patched with the latest information.
  • Ensure your operating systems are up to date and patched.
  • Importantly, ensure your business has a thorough backup and recovery process in place. Regularly back up your data and files with secure, remote backups. Consider using both physical and cloud off-site storage, to provide multiple backup points.
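
One way to check the user-access point above, as an added example that is not GPK's own tooling: this PowerShell script lists the removable and mapped network drives visible to the current user and reports whether that user can write to each one. The function names Test-WriteAccess and Get-DriveWriteExposure are hypothetical, and the script assumes it is run as the ordinary user rather than as an administrator.

```powershell
# Added example: which USB and mapped network drives can the current user write to?
# Every drive reported as Writable is one that ransomware running under this
# account could encrypt, so it is a candidate for read-only or no access.

function Test-WriteAccess {
    param([Parameter(Mandatory)][string]$Path)
    # Probe effective permissions by creating and removing a uniquely named
    # empty file. This tests the drive root only; subfolders may differ.
    $probe = Join-Path $Path ("write-probe-{0}.tmp" -f [guid]::NewGuid())
    try {
        New-Item -Path $probe -ItemType File -ErrorAction Stop | Out-Null
        Remove-Item -Path $probe -Force -ErrorAction SilentlyContinue
        return $true
    } catch {
        return $false
    }
}

function Get-DriveWriteExposure {
    # Win32_LogicalDisk DriveType: 2 = removable (USB), 4 = mapped network drive
    $typeNames = @{ 2 = 'Removable'; 4 = 'Network' }
    Get-CimInstance -ClassName Win32_LogicalDisk |
        Where-Object { $typeNames.ContainsKey([int]$_.DriveType) } |
        ForEach-Object {
            [pscustomobject]@{
                Drive    = $_.DeviceID
                Type     = $typeNames[[int]$_.DriveType]
                Target   = $_.ProviderName   # UNC path for mapped drives
                Writable = Test-WriteAccess -Path ($_.DeviceID + '\')
            }
        }
}

Get-DriveWriteExposure | Sort-Object Type, Drive | Format-Table -AutoSize
```

Drives a user only needs to read from should show Writable as False; where they show True, tighten the share or folder permissions.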

How to remove Cryptolocker

But if protection against Cryptolocker is no longer an option, you’ll need to know how to remove the ransomware. Be warned though: this won’t decrypt your encrypted files. But it will stop the malware from spreading.

If you fall victim to a Cryptolocker attack, you should treat it the same as a ransomware attack:

Step 1. As soon as possible, isolate any infected drives, devices, or folders from your network. This should work to reduce the spread.
Step 2. Shut off any network connections.
Step 3. Perform a thorough antivirus scan of the infected devices and drives, running it as many times as necessary to remove all traces of the original infection.
Step 4. Restore the operating system to the latest backed-up version.
Step 5. Again, perform a thorough antivirus scan to ensure all traces of Cryptolocker have been removed.

However, we don’t actually recommend you perform the review yourself. Bring your infected devices in to GPK instead. We can perform a thorough review of your devices in a secure environment, to minimise any further cyber risk to your company.

Get Cryptolocker protection for your Brisbane business

The best defence against ransomware is to be prepared. And Cryptolocker protection is the same: the better prepared you are, the more regularly you make secure remote backups, and the tighter your security protocols, the better chance you have of minimising any damage from a Cryptolocker attack.

GPK Group provide full-scope IT cyber security for Brisbane businesses. We help ensure you have the right software and protocols in place to protect against Cryptolocker, ransomware, and the latest cyber security threats.

Get in touch with us today to discuss a cyber security solution for your Brisbane business.

