In today’s society it’s pretty much a daily occurrence to hear of someone who has been a victim of some form of malware. Whether it’s a string of spam emails from a friend who’s had their email compromised or a relative who’s had their computer compromised by a non-stop series of pop-up ads, the sad reality is that these things are now part of everyday life. As bad as these may sound, what you may not realize is that these two examples are child’s play compared to something called CryptoLocker.
What is CryptoLocker? Simply put, it’s a unique type of virus called ‘Ransomware’. What Ransomware does is essentially hold your data hostage, demanding you pay a fee to get it back (hence the term RANSOMware). CryptoLocker is believed to have been first posted to the internet on September 5, 2013. While it’s believed that the original version of the virus was removed in June 2014, there are now several other variations/mutations of CryptoLocker out in full force, still wreaking havoc on society.
You may be wondering why I’m choosing to write about CryptoLocker now, something that has been around for several years. Unfortunately, this week one of my fellow GonnaGeekers, Cody Gough of Unqualified Gamers, fell victim to this malware. In the latest episode of Unqualified Gamers (Episode 118) Cody recounts his experience dealing with this virus (or perhaps I should more accurately say that he recounts his hellish nightmare of dealing with this virus).
With most pieces of malware, once you’ve been infected you can often get your data back by using external tools to clean the machine and retrieve it (or by paying the local computer store to do this for you), but this is not possible with CryptoLocker. What happens with this particular piece of malware is that all of your data is encrypted using a unique encryption key. This method of encryption essentially means that it’s next-to-impossible for a regular member of society to ‘unlock’ your data without having the unique encryption key. Of course, the hackers behind CryptoLocker (or whatever variation you have been infected by) have this encryption key for you, but you’ll have to get it at a price (in Cody’s case starting at the $500 USD mark). The bottom line is that if you fall victim to CryptoLocker, you are faced with two choices: paying the ransom (which, as with any ransom request, carries its own set of risks) or counting your data as a lost cause.
Let’s say that you decide that your data is in fact worth paying the ransom (and the risks that go with that). The hackers want the money quickly, so that’s probably just a matter of PayPal-ing some money somewhere, right? Of course not. Using a mainstream payment method would mean that the payment could possibly be traceable, something that the hackers aren’t going to chance. The main acceptable method of payment is Bitcoin, a virtually untraceable, extremely risky currency. As Cody Gough of Unqualified Gamers puts it, “Bitcoins are basically used by criminals.” In fact, getting Bitcoin comes with its own set of challenges and headaches. So let’s just put it this way: even if you decide to pay the fee, it’s not a simple process.
Although Cody just posted the latest Unqualified Gamers yesterday, he had already shared some of his experience with the rest of us GonnaGeek Network members in the days leading up to this podcast release, which means that for a while many of us have been evaluating our own protection methods. I wanted to share some of the suggestions several of us came up with.
My first recommendation is to make sure you have a good, up-to-date antivirus. For years I worked in the computer repair industry, and time and time again I would see people come in who were running an expired antivirus, assuming that they were still protected. It’s important to remember that viruses are always transforming and evolving, and an antivirus is (primarily) only as good as its database of recognition. It’s also important to note that not all antivirus software offers the same level of protection. I won’t make any personal recommendations here, but I will recommend that you search for antivirus reviews so you can find comparison charts that help illustrate this. Here’s a cost-saving tip: many antivirus products offer discounts on their websites, and many also include multiple PC installs in their basic antivirus package. This is something to consider, because if you have multiple PCs in your house, you may be able to save some money by buying one of the protection solutions that offer installs on 1-3 PCs. Of course, protection doesn’t stop there. As mentioned, malware is constantly evolving, which means that there’s a chance that you could get hit with a virus that is not detected by your software. CryptoLocker itself has been known to begin encrypting certain files before being detected by antivirus. This could mean that even if your antivirus solution does detect it, there could be some data that is already encrypted by the time you get the notice of detection.
Which leads me to my other point: back up your data in an off-line place. Many people have automated backups in place to sources connected to their computer (i.e. a nightly backup to an external drive, a backup to a mapped drive elsewhere on the network, etc.), but this is something that would more likely help you if your hard drive crashed, not so much in the case of CryptoLocker. In my research CryptoLocker will often tackle the data on any of your connected drives, which in theory means that it could encrypt that connected backup hard drive, mapped network drive, etc. This could even mean that if you use a cloud-based auto-synced folder, it could possibly encrypt your data in the cloud (although perhaps the cloud servers would have protection against this, but I wouldn’t want to chance it). So how can you protect yourself from something that could conceivably attack every single piece of data connected to your computer? The answer you seek is within that question itself: don’t have your backup connected. Since constantly connecting and disconnecting a hard drive that holds your primary source of data isn’t convenient, a more efficient practice would be to invest in an external hard drive used solely for backup purposes, which you connect only occasionally to create a backup of your data (making sure to disconnect it once the backup is complete). Although external hard drives aren’t the cheapest item in the world, I encourage you to consider the ransom fee mentioned above: Cody’s started at $500 (the external hard drive doesn’t seem so expensive anymore, does it?). How often you conduct an off-line backup to this drive is up to you and your use case, but remember that if you do fall victim to CryptoLocker and have to retrieve your data from the hard drive, you’ll only be able to get the data up until when you last conducted a backup.
I would also encourage you to consider setting up a plan to budget the cost of buying a secondary backup drive, as all hard drives are susceptible to data loss due to failure. If you’re backing up to multiple drives and one of them did fail when you had to retrieve information, you’d more than likely have the other to go to (but some might argue this is overkill, so I’ll leave it up to you).
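As an added example (not part of the original article, and not something Cody used), here is one way to script the occasional off-line backup described above. It goes a little further than the text: every run lands in its own dated folder, so a backup made after an infection can’t replace the last good copy, and a list of SHA-256 hashes lets you check a snapshot before you rely on it. The function names, the manifest file name and the paths at the bottom are assumptions for illustration.

```python
import hashlib
import shutil
import time
from pathlib import Path

MANIFEST = "MANIFEST.sha256"  # assumed file name for the per-snapshot hash list


def sha256_of(path):
    """Hash a file in chunks so large videos need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(source, backup_root, stamp=None):
    """Copy `source` into a new dated folder under `backup_root`.

    Older snapshots are never written to, so a backup taken after an
    infection cannot replace the last good copy.
    """
    source, backup_root = Path(source), Path(backup_root)
    dest = backup_root / (stamp or time.strftime("%Y-%m-%d_%H%M%S"))
    files = sorted(p for p in source.rglob("*") if p.is_file())
    hashes = [f"{sha256_of(p)}  {p.relative_to(source).as_posix()}" for p in files]
    shutil.copytree(source, dest)  # raises FileExistsError if dest exists
    (dest / MANIFEST).write_text("".join(h + "\n" for h in hashes), encoding="utf-8")
    return dest


def verify(snapshot_dir):
    """Return the relative paths that are missing or fail their hash."""
    snapshot_dir = Path(snapshot_dir)
    bad = []
    for line in (snapshot_dir / MANIFEST).read_text(encoding="utf-8").splitlines():
        expected, rel = line.split("  ", 1)
        target = snapshot_dir / rel
        if not target.is_file() or sha256_of(target) != expected:
            bad.append(rel)
    return bad


if __name__ == "__main__":
    # Hypothetical paths: your documents folder and the backup drive's letter.
    done = snapshot(Path.home() / "Documents", "E:/backups")
    print(verify(done) or "verified", "- now disconnect the drive")
```

Run it only while the backup drive is plugged in, and unplug the drive as soon as it reports the snapshot as verified.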
Of course, now that you’ve taken the time to read this article, I encourage you to self-reflect on your security and backup solutions and consider if it’s time to make any changes. I also want to encourage you to listen to the latest episode of Unqualified Gamers, where Cody talks about his experience with CryptoLocker. Cody does a terrific job of explaining many issues he’s encountered in his experience, several of which I have not mentioned in this article. So hop over to the latest Unqualified Gamers and hear his account of CryptoLocker and the subsequent issues going forward with it. Cody even takes some time to tell you about how he’s fortunate enough to have somewhere else to go to record the episode, but without it, he’d probably be out of commission. If you’re a podcaster, think about all the source files you use on a regular basis when assembling a podcast (i.e. your intros, your bumps, your splitters, your outro). If you’re a graphics designer, think about the templates you use on a regular basis as starting points for your clients’ projects (or think about your extensive list of textures and fonts). If you’re just a regular user, think about those family photos and that awesome video you took of your cat (or that other awesome video you took of your cat). Now imagine those files are gone. If you operate without any backups, I encourage operating with the mind-set that every single piece of your data is not important and that if you were to lose it today it would be no problem. Without a backup, it’s better to always assume the worst can happen, so if it does, you are better prepared to accept the loss.