The rate of malware (ransomware) attacks on small businesses climbs at an alarming rate. The security firm McAfee warns that soon, attacks that come through social platforms will be “ubiquitous.”
You get an email that looks legitimate say from a FedEx, UPS, USPS or any other lookalike that has a zip file attachment in it. Inside the zipped file, like an unsuspecting nightmare, hides a double-extension file such as .pdf.exe. This is not a PDF document but an executable that if clicked on, will allow CryptoLocker to run on your computer.
Now you might be asking what damage does this thing do? Once installed on your computer, CryptoLocker encrypts files on your computer’s local and mounted network drives by using RSA public-key cryptography while the private key is actually stored on the servers controlled by the malware. In other words, once the file is encrypted, you cannot access it. It is like putting all of your important stuff into a safe that is impossible to open without a key and then hiding the key so you can’t access the contents. In order to get the files decrypted and accessible again, CryptoLocker displays a “ransom” payment message with a strict deadline. If you pay with Bitcoin or a prepaid voucher within the deadline, your files get decrypted. On the other hand, if the payment is not made within the deadline, the price for decryption increases or your files stay forever encrypted. The encryption is so complex that experts say that it is close to impossible to break, so if you do not have a proper backup, the files are non-recoverable. It is discouraged to pay the ransom because it encourages the attackers to continue to do harm. There have been reports that files unlocked become relocked after a period of time.
The best thing to do is prevent the infection in the first place by not opening any emails and attachments if you are not sure where they came from or if they look suspicious. FedEx or UPS is not going to ask you to download a zip file, so if something appears strange, it probably is. If you do accidentally click on something, make sure to pay attention to the file and do not open a double-extension file (such as recipt.pdf.exe). As always, having updated antivirus software is extremely important.