
The Crypto Virus: Are you Protected?

We had a client once tell us: “I heard about the CryptoLocker Virus on the news, but I never really expected it could happen to me.” Unfortunately, it can. And, even worse, it did. The scariest part is that this is not an isolated incident. It can happen to anyone. Whether you have a small business, a large corporation, or a home computer, you are at risk!

What Is a Crypto Virus?

A Crypto Virus is malware, or malicious software, that steals or damages your data by encrypting or ‘coding’ information so that only those with a decryption key can unlock it. Once the virus enters your computing environment, it can quickly spread and make your entire operation completely non-functional.

How Does it Work?

A Crypto Virus is designed to go undetected and is built with the expectation that you have a firewall, antivirus software, and rudimentary backup technology in place. This kind of malware is also known as ransomware. It typically enters your computing infrastructure through a well-disguised link or image in an email, or embedded in software or downloads that look legitimate but are not (hacked websites that appear normal are more and more common). Another common method is guessing common or easy passwords, or using a brute-force attack that tries every password combination against Remote Desktop.

Once your system is infected, files are typically dropped into each encrypted folder with instructions on how to decrypt your data. This usually involves transferring money – often Bitcoin – to the attacker in the hopes that the data will be unlocked and usable once again.
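Because the instruction file is dropped into every encrypted folder, the same small file appearing byte-for-byte in many folders is a useful early warning sign. The following is an added example, not part of the original article; the function names, thresholds and the sample file names are assumptions made for illustration, and the sample share is constructed in a temporary folder.

```python
import hashlib
import os
import tempfile
from collections import defaultdict


def find_repeated_notes(root, min_dirs=3, max_size=64 * 1024):
    """Return {(name, sha256): [folders]} for small files that appear under the
    same name, byte-identical, in at least min_dirs different folders."""
    seen = defaultdict(set)
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                if os.path.getsize(path) > max_size:
                    continue  # instruction files are small text/HTML files
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable or vanished file: skip, keep scanning
            seen[(name.lower(), digest)].add(dirpath)
    return {k: sorted(d) for k, d in seen.items() if len(d) >= min_dirs}


def build_sample_share(root):
    """Constructed sample: three folders holding an identical note, one clean."""
    note = b"Your files are encrypted. (constructed sample text)\n"
    for folder in ("finance", "hr", "projects"):
        os.makedirs(os.path.join(root, folder))
        with open(os.path.join(root, folder, "HOW_TO_DECRYPT.txt"), "wb") as fh:
            fh.write(note)
        with open(os.path.join(root, folder, "report.docx.locked"), "wb") as fh:
            fh.write(os.urandom(256))  # stands in for an encrypted document
    os.makedirs(os.path.join(root, "public"))
    with open(os.path.join(root, "public", "readme.txt"), "wb") as fh:
        fh.write(b"Shared folder usage notes\n")


def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample_share(root)
        hits = find_repeated_notes(root)
        return {name: len(dirs) for (name, _digest), dirs in hits.items()}


if __name__ == "__main__":
    print(demo())
```

On a real file share, expect some harmless matches (for example, identical desktop.ini files) and exclude them once reviewed.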

What Is the Weakest Link?

The weakest link is you and your users. Learn about email and internet safety. Follow best practices and educate yourself and your staff. Know your email correspondents, do not respond to suspicious requests or links, and only download from reputable locations / app stores.

How Can My Information be Kept Safe?

Obviously, the best form of protection is prevention. However, given that human error exists and that virus creators are becoming increasingly adept at gaining access to vulnerabilities, standard best computing practices should always be put into place. These include:

  • Use hardware firewalls and keep them updated
  • Keep up-to-date anti-virus software
  • Patch your operating system, browser, applications, and plug-ins so they are always current
  • Enforce password complexity policies – length is most important
  • Automatically lock accounts after a few failed login attempts
  • Give users just the rights to the files they need on a server and not to all files on a server. Crypto viruses are most often run by regular staff users and can only encrypt the files to which that user has access, thus limiting the damage.
  • Similarly, don’t do regular computing (such as reading e-mail, browsing the web, etc.) using an account with server administrative rights. Use these accounts only for administrative server tasks.
  • Some Crypto viruses scan through the drive letters A to Z to easily find drives that a user has connected to server folders, encrypting all files found there. Using shortcuts to server folders that aren’t based on drive letters can prevent these kinds of attacks from working.
  • Ensure that the only external access to your computer network is through a secure VPN tunnel
  • Never use Remote Desktop access from outside the office (unless it’s through a VPN)
  • Create strong mobile security policies for mobile devices
  • Control access to shared information – limit potential damage by providing users access to only the information they need and not all administrative access or permissions
  • Have a rotation of backups so there are several separate backup copies of your data and ensure at least some of these backups are kept in an offsite or offline location unreachable by an attacker

The most certain form of protection is an off-site backup as this ensures you have an isolated, known-good copy of your files no matter what happens.

How Does an Off-Site Backup Work?

Off-site backups do not replace an on-site backup solution, which is quicker to access and retrieve. They are, however, an added layer of protection in case of ransomware or disaster.

An off-site backup works similarly to an on-site backup but stores a version of your data and applications outside of your organization and core IT environment. Off-site backups are typically performed either onto a portable USB disk, which is then stored off-site, or through an online or cloud-based provider, and are run at scheduled intervals.

Recovering from a Crypto Virus

If a crypto virus attack were to take place, the first steps in recovery for all types of infections include:

  • Limit the spread of the infection by segregating infected systems from the rest of your network
  • Determine the source of the infection and shut down the vector of attack. This may involve resetting everyone's passwords, disabling remote access, and more
  • Remove the infection from affected systems before reconnecting to the network

If only certain folders / shares are affected (due to proper security provisions in place):

  • Remove encrypted files and restore affected files from backup. Most backup software also includes what is called "file versioning", which backs up every file at regular timed intervals or every time it changes. This allows you to go as far back as necessary to obtain a clean version before it was encrypted.
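Going "as far back as necessary" can be checked rather than guessed: an encrypted file no longer starts with the signature bytes of its format. The following is an added example, not part of the original article or of any backup product; it assumes you can read the first bytes of each stored version, and the function names and the sample version history are constructed for illustration.

```python
from datetime import datetime

# Leading "magic" bytes of common document formats.
MAGIC = {
    ".pdf": b"%PDF-",
    ".docx": b"PK\x03\x04",  # Office Open XML files are ZIP containers
    ".xlsx": b"PK\x03\x04",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
}


def looks_intact(filename, head):
    """True if the first bytes match the format implied by the extension.
    Unknown extensions return False: they cannot be verified this way."""
    dot = filename.rfind(".")
    magic = MAGIC.get(filename[dot:].lower()) if dot != -1 else None
    return magic is not None and head.startswith(magic)


def pick_restore_version(filename, versions, infected_at=None):
    """versions: iterable of (timestamp, first_bytes) from the backup history.
    Returns the newest timestamp whose content is intact and, when the time
    of infection is known, strictly older than it; None if there is none."""
    for stamp, head in sorted(versions, key=lambda v: v[0], reverse=True):
        if infected_at is not None and stamp >= infected_at:
            continue
        if looks_intact(filename, head):
            return stamp
    return None


# Constructed sample history for one file: two good versions, then two
# versions captured after the file was encrypted in place.
SAMPLE_VERSIONS = [
    (datetime(2024, 1, 8, 2, 0), b"PK\x03\x04\x14\x00\x06\x00"),
    (datetime(2024, 1, 9, 2, 0), b"PK\x03\x04\x14\x00\x06\x00"),
    (datetime(2024, 1, 10, 2, 0), bytes.fromhex("9f3c51e07ab2d844")),
    (datetime(2024, 1, 11, 2, 0), bytes.fromhex("04e1b97720c65a13")),
]

if __name__ == "__main__":
    print(pick_restore_version("budget.xlsx", SAMPLE_VERSIONS))
```

A result of None means no version in that backup set passes the check, so the restore has to come from an older or separate backup copy.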

If the entire computer or server is affected:

  • Wipe the computer and rebuild from a previous known-good full backup

Is it Really That Simple?

The short answer is no. Even with a great backup solution, restoring your IT environment still takes time and effort. You will also need to make an investment in understanding how the infection began, in order to prevent any future damage. But the biggest questions you need to ask before you even set up your off-site backups are: “How much data can I afford to lose?” and “How long can my IT infrastructure be down?” The answers will determine what your backup schedule and retention will look like and how much you are willing to pay for that service. Many options exist, and you can work with us to figure out a solution that is best for you. As you prepare to make your New Year’s resolutions, add off-site backups and data protection to your list!

About PeaceWorks

PeaceWorks provides first-rate technology solutions that enable organizations to achieve their mission with increased ease and efficiency. We focus on genuine client-focused relationships, connecting client needs with sustainable and reliable technology solutions.