For Immediate Onsite or Remote Support Call: (212) 858-9022

How To Protect Your Business From Cryptolocker

Date: March 30, 2017 Author: Steve Dempsey Category: New York City IT Services Tags: Comments: 0

Cryptolocker is an increasing popular tool for hackers and criminals a like in extorting money from helpless victims and businesses a like. Cryptolocker is a software tool that encrypts all of the files on a server or a desktop. Once the files are encrypted the only way to get them back is pay a ransom in bitcoins to the hacker.


Of course if you have to go this route there is no guarantee you will actually receive the decrypt key. You will be required to send the bitcoins first and then wait. Even if you get the decrypt key you may not recover all of your files as some may have been damaged by the encryption process.


Chelsea New York IT Services



Cryptolocker Prevention


Do you have Remote Desktop enabled? It's builtin remote software for windows and easy to use, the problem is it's also easy to exploit as well. Disable it and find another product that is more secure to access your network remotely. Even if you don't think your server has it enabled you should check anyway.


A proven backup system in place that is tested regularly will also help you recover the files in the event of a cryptolocker attack. If you want maximum protection you should really deploy a business continuity solution that will create a complete image of the entire server. Cryptolocker will damage the operating system as well, not just your data files and the server operating system may have to be completely reinstalled.


A strong firewall with extra security protection might stop an attack before even reaches one of your computers. Often times we see a consumer grade firewall in a business office and those kinds of devices only offer basic protection. Firewalls like SonicWall or Sophos have add on packages that provide extra protection to prevent these kind of attacks.


Educate your team and what files and emails they shouldn't be opening up. If they see an email with very spare text with a link or an attachment, don't open it. A typical cryptolocker infection will be caused by a user opening at attachment they think is a word or pdf file but it isn't.


On larger more sophisticated networks there are other security policies to put in place like showing file extensions, group policies and disabling auto run but if you implement these basic steps you will minimize your chances of being compromised.