Cryptolocker

 

Cryptolocker is a new kind of Malware, a highly modified strain which locks your files and demands payment to release them … Ransomware! For more details have a look at the video on YouTube: http://pages.watchguard.com/483KCW7120001g6000Zts00

Now, while I understand that some of you might not be interested in, or have the time to watch, the video linked above, here are some of the reasons why you need to be concerned about it:

  • Cryptolocker is persistent; it is a sophisticated form of Malware that not only holds individuals and businesses to ransom but is also extremely disruptive and ultimately leads to downtime and significant cost – and in some cases can jeopardise the whole business. At DSM we have seen this in action on several customer sites and have firsthand experience of the problems it can cause!
  • Cryptolocker isn’t the only kind of Ransomware out there. Businesses need to be cautious about their inbound communication, not just from email but also from web browsing, so extra vigilance is required by all users that connect to corporate networks.
  • Whilst devices like WatchGuard Fireboxes and XCS devices can help guard against infection, there are still possible ‘backdoors’, for example the laptop computer that gets taken home and connected to the Internet without the protection of a UTM (Unified Threat Management) device. Furthermore, the configuration of any firewall is critical to enhancing security; simply deploying a firewall isn’t sufficient; it must be properly configured with these threats in mind.
  • You need more than just a firewall to guard against Malware threats; a comprehensive security strategy needs to be implemented. We’re seeing increased indications that flat networks are a vulnerable design and that a more secure architecture providing better protection throughout multiple networks within a site is a better approach. Cross infection is less likely this way, but as the video explains, it can never be entirely ruled out.
  • Backup, backup, backup. How many times do we say this? We know simply backing up servers is not enough. Even recently, when one of our engineers was on-site upgrading a system, he came across a desktop computer with critical business data stored on a local hard drive which, worryingly, was not included in the backup cycle. We’re all aware of the risks associated with loss or corruption of data; an audit of functions across the whole network may highlight areas of vulnerability which need to be identified and rectified.