In the last few months there has been a lot of national attention on data breaches and infrastructure hacks that are affecting millions of people around the country. In addition to those hacks and breaches, another type of virus\/data collection malware \u2013 Ransomware \u2013 has been making its rounds on the Internet, and it\u2019s posing quite a problem for many individuals and companies.<\/p>\n
What Is Ransomware?<\/strong><\/span><\/p>\n Ransomware is a type of virus that does exactly what it sounds like it does \u2013 it tries to collect a ransom for your data.<\/p>\n In late 2013 a virus called Cryptolocker began making the rounds. While most everyone is familiar with viruses that try to capture your protected information and passwords (phishing), overwhelm your system with SPAM, or that simply shut things down, Cryptolocker did a bit of everything \u2013 and it tries to get money out of you! Experts estimate that the operators of Cryptolocker have extorted anywhere from $3 million to $17million from their victims.<\/p>\n By late 2014, Cryptolocker had been identified and isolated \u2013 but in the meantime a multitude of copycat ransomware viruses have popped up. Many people, however, continue to refer to these ransomware viruses as Cryptolocker, even though they may have another name. So while Cryptolocker \u2013 specifically \u2013 may not be as much of a threat any more, its many copycats are.<\/p>\n What To Do If You\u2019re Hit<\/strong><\/span><\/p>\n The best thing to do is avoid getting hit all together (more on that later), but if it\u2019s already too late \u2013 here are some steps to take to attempt to retrieve your data.<\/p>\n First, if you have a known-to-be-safe backup you can restore your operating system completely and then restore your files from the backup. This will eliminate the virus and give you your files back. However, it\u2019s important to make sure that your backed up files haven\u2019t also been infected \u2013 which is possible if you\u2019re using an external hard drive that was connected at the time of the infection \u2013 otherwise all is for naught.<\/p>\n If that doesn\u2019t work, there is another way! Last year a group of security firms, along with the FBI, worked to infiltrate the group operating the virus. They were able to track the file that held the master encryption codes and put together a site \u2013 Decrypt Cryptolocker \u2013 where the 500,000+ victims can find the key to unlock their files. By simply submitting one of the files that has been encrypted, the database will figure out which key was used and return it to the user. If you find yourself in this boat \u2013 be sure to submit a file that does not<\/em> contain any sensitive information.<\/p>\n If your data is unable to be unlocked using a key generated from the site, that means you may very well be out of luck \u2013 which is why avoiding Cryptolocker all together is so important.<\/p>\n How to Avoid Cryptolocker<\/strong><\/span><\/p>\n There\u2019s no good news here \u2013 it isn\u2019t easy. There are a few prevention tools that have been made specifically to look out for Cryptolocker, since the virus does a pretty great job of masking itself to seem harmless. Some companies have developed kits specifically for businesses that will implement Group Policies in Windows, limit access to network drives, and take other security measures.<\/p>\n As always, you should only open files from sources you trust implicitly. If you open a file (again, it\u2019s generally a PDF) and notice that your computer is actually executing and downloading a file \u2013 shut off your power source immediately. This may stop the virus from fully being able to execute. Unfortunately, many users don\u2019t realize that the file has been executed for days or weeks.<\/p>\n