Becoming infected with malware can be problematic for any business, but it is even more troubling whenever that malware is cryptoware. Encountering a cryptoware virus such as Locky can quickly bring your operations to a halt, which is why it is important to know how to protect yourself.
What is Cryptoware?
Cryptoware is a type of malware that belongs in the ransomware category. It begins as a Trojan virus that is normally hidden in email attachments. When the receiver opens the attachment, the virus then begins encrypting files on that computer. Once these files are encrypted, the user will then have to pay a “ransom” to have the files unencrypted. Most people are willing to pay up, since the level of encryption is so secure that it would take a great deal of time and resources to break it. However, even if you pay, there is no guarantee you will actually get your data back.
How Files are Infected
A cryptoware attack begins with an email attachment from what appears to be a reputable email address. Although the attachment is an executable file, the .exe extension is not immediately visible since most email clients hide file extensions by default. Instead, the attachment is marked as “letter.pdf” and therefore does not appear unusual. However, when the attachment is opened, the Trojan virus silently executes, encrypting files until all of them are useless. When finished, the virus will send you a ransom notice via a popup on your screen. This notice requires payment through Bitcoin, making it very difficult to track who you are sending the money to.
One reason why cryptoware is such a growing threat is that it is a booming business. Cerber is one company that offers Ransomware as a Service (RaaS), offering an affiliate program that now has 160 participants. Affiliates are able to launch their own campaigns via the Cerber platform, and are able to keep 60% of the profits. In exchange, the company provides them with access to management tools, Bitcoin laundering, and the harmful code. Despite the fact that only 0.3% of all victims pay, Cerber is still on track to make around $2.3 million by the end of 2016.
Avoiding Cryptoware Infection
There is no method of ridding your computer of cryptoware aside from paying the ransom, which means that prevention is key. Experts recommend keeping your antivirus program up to date, and opening email attachments only from those you trust. You should also turn your user account control settings to Always Notify so that programs cannot make changes to your computer without telling you first. Back up information using a cloud storage service such as OneDrive or Google Drive so that if you are infected, you won’t feel pressured to pay the ransom. Using a pen drive or portable operating system to access emails can be useful as well.
Since ransomware is such a lucrative business, there are likely to be even more attacks in the future. You must constantly be aware of the dangers if you are to avoid the costly effects of becoming a victim.