You’ve probably heard about the infamous Cryptolocker malware by now. It’s a pretty clever scam, though it’s wholly evil. If you or a client is unfortunate enough to open the email attachment containing this ransomware, a program will hide itself on your computer and encrypt all of your files until you pay upwards of $300 to obtain the key that unlocks them. Cryptolocker also gives you a time limit to pay this fee. If you don’t pay in time, the key to decrypt the files is deleted, meaning your files are forever encrypted and completely useless. Attempts to decrypt the files by brute-force attack have been unsuccessful in tests, and some experts are even suggesting that you actually pay the ransom if the encrypted data is critical enough– it sounds like we’re letting the criminals win, but we don’t have to.
For a business that’s protected with proper backups, issues like these don’t always cause a big problem, and they probably won’t have to pay any ransom money to these criminals. Even if the malicious software makes it onto a workstation, it’s easy to restore to a point-in-time image of when your computer was clean.
Taking regular incremental backups is a great way to prevent these types of attack and we’ve actually had a number of partners who have used their ShadowProtect backups to restore systems to a point-in-time before their computer was infected, which really helped save their client’s bacon. Here’s what some of them said:
“The latest nasty bug to make the rounds for one of our customers (to the tune of 25GB of financial and health related files going back almost ten years) is Cryptolocker. StorageCraft, with continuous incremental backups scheduled hourly, kept the losses down to less than five newly created files.” – Barry Tikkanen, Network Engineer, Exceed Consulting.
“I had three companies hit with the CryptoLocker virus and thanks to [ShadowProtect] I got them all back up and running in a relatively short time. Also, because of this virus, I have sold five copies of various versions of [ShadowProtect] in the last two weeks. One of the new sales I setup a week ago was one that was hit with the virus and they’re very thankful that I convinced them that they really needed to have this software in place. – Bill Hathaway, Owner, Intellicomp.
Cryptolocker isn’t the first threat of its kind, and it certainly won’t be the last. Anti-virus programs can do a lot to stop these types of threats from getting into workstations, but as you know by now, they can’t stop an employee from downloading a file on his or her own—anti-virus can’t always protect from simple negligence.
ShadowProtect makes it simple to take point-in-time incremental backups as often as every fifteen minutes, so you’ll have the option of restoring to an image taken just before your equipment was compromised by this malicious attack and only ever risk losing around fifteen minutes of newly created data (depending on how often you schedule incrementals). By taking control of your data with intelligent, regularly scheduled backups, you’ve got a way to get systems back to normal—even if something like Cryptolocker encrypts critical files or attacks systems in other malevolent ways.