Tales of CryptoLocker

It sounds scary. It's late October and someone mentions CryptoLocker. Sounds like a bad Halloween movie, but it doesn't have to be so scary. If you've been diligent in setting up your systems, you may have a minor bit of trouble with CryptoLocker, but that will soon go away just like the good Halloween candy. If you've been one of these "setup and run" kind of installers, you may be in for a scare. CryptoLocker can cripple your computer and demand a "ransom" to unlock your files. It's known as ransomware, and unlike standard malware, it holds your computer hostage until you pay up, giving specific instructions for the ransom. It arrives when you open an email or visit a contaminated website, and it can disguise itself as JPEG, PDF or Microsoft Office files.

When you set up a computer, make sure it is set up correctly and follows some basic recommended best practices that will secure it from users and from malware. By taking these simple steps when you set up a computer, you'll be protected from these kinds of scares and at most may lose a few settings.

  1. Install anti-virus and keep it up to date.
  2. Set up a limited user account for the user, even if it is going to be you, and another separate account for the administrator for installing programs and doing maintenance. Use the user account for your daily work. Only use the administrator account when you have to install something and know that it's safe.
  3. Avoid browsing unknown sites. Use free services like OpenDNS to help you control this.
  4. Use built-in protection against rogue applications by configuring AppLocker or at least Software Restriction Policies. For much older operating systems you can try AppSec.
  5. Perform regular off-site backups. 

When you use a computer configured with these five steps and you encounter scary things like CryptoLocker, the scare will be on CryptoLocker. The malware won't execute, or at worst it will execute under the user's login, which will at most cause issues inside that user's profile. Simply rename the user's profile and log back in, and the system will be back to normal.
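
As an illustration of step 4, here is an added example (not part of the original post) that builds an audit-only AppLocker policy for executables and checks how it would treat a program sitting in a user's profile. The rule names, file names and the -Apply switch are assumptions made for this sketch; the three allow rules follow the pattern of AppLocker's default executable rules.

```powershell
# Added example: audit-only AppLocker executable policy plus a dry-run check.
param([switch]$Apply)   # hypothetical switch: pass -Apply from an elevated prompt

function New-RuleXml($Name, $Sid, $Path) {
    # Emit one allow rule; the rule Id is a freshly generated GUID.
@"
    <FilePathRule Id="$([guid]::NewGuid())" Name="$Name" Description="" UserOrGroupSid="$Sid" Action="Allow">
      <Conditions><FilePathCondition Path="$Path" /></Conditions>
    </FilePathRule>
"@
}

# S-1-1-0 is Everyone, S-1-5-32-544 is the local Administrators group.
$rules = @(
    New-RuleXml 'Program Files folder' 'S-1-1-0' '%PROGRAMFILES%\*'
    New-RuleXml 'Windows folder' 'S-1-1-0' '%WINDIR%\*'
    New-RuleXml 'Administrators: all files' 'S-1-5-32-544' '*'
) -join "`n"

# Policy file name is an assumption for this example.
$policyPath = Join-Path $env:TEMP 'applocker-audit-example.xml'
@"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="AuditOnly">
$rules
  </RuleCollection>
</AppLockerPolicy>
"@ | Set-Content -Path $policyPath -Encoding UTF8

# Constructed sample: a harmless system binary copied into the user profile,
# standing in for an attachment or download that lands there.
$sample = Join-Path $env:LOCALAPPDATA 'applocker-sample.exe'
Copy-Item "$env:WINDIR\System32\whoami.exe" $sample -Force

# Dry run: evaluate both locations against the policy file without applying it.
Test-AppLockerPolicy -XmlPolicy $policyPath -User Everyone `
    -Path "$env:WINDIR\System32\whoami.exe", $sample |
    Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize
Remove-Item $sample

if ($Apply) {
    # Replaces the local AppLocker policy; add -Merge to keep existing rules.
    Set-AppLockerPolicy -XmlPolicy $policyPath
    # Rules are only evaluated while the Application Identity service runs.
    Start-Service AppIDSvc
}
```

Because the policy is audit-only, applying it blocks nothing; review the AppLocker event log for programs your users legitimately run from other locations before changing EnforcementMode to Enabled.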

If you would like your systems configured correctly so you can avoid the next scare, please give us a call today.