After making its debut in September, the CryptoLocker virus has caused quite a stir in the tech security industry.
A very specific type of malware known as ransomware, it has been responsible for hijacking company servers and commandeering personal computers by making files inaccessible.
How Ransomware Works
The name merely describes the hackers’ end goal—to get money from the business or individual they have hacked.
In a nutshell, once the file is downloaded to your computer, your files become encrypted and cannot be accessed unless you purchase a key (known only to the hacker). Generally, a time-based ultimatum is given and money is demanded, lest the key be erased and your files lost forever.
History of Ransomware
Although sophisticated malware such as CryptoLocker presents a new set of challenges, ransomware has been around for quite some time.
• PC Cyborg Trojan—Created by Dr. Joseph Popp and unleashed in 1989, this virus encrypted all of the computer’s Drive C files. The virus masqueraded as an expired license and asked users to renew the license by sending money to a PO Box in Panama.
• Krotten—Began in 2006. Like its early predecessors, this virus disabled nearly all files and preyed on the Windows directory. You would know that you had been hit by Krotten when your OOE was displayed in German. Most modern antivirus software can remove this.
• WinLock—Originated in Russia, this virulent worm did not use encryption. It would restrict access to your computer and display pornographic images. Victims were told that they could regain full access by purchasing a code to unlock their machines.
• Reveton—Particularly clever, this ransomware first surfaced in 2012. Also known as the “Police Trojan,” this worm locks up access and displays a message claiming that the user has engaged in illegal activity, that a law enforcement agency is monitoring them, and that they must send a fee to regain access to their computer.
• CryptoLocker—First surfacing this year, CryptoLocker’s MO is similar to that of the previously mentioned ransomware. What sets it apart is its gigantic 2048-bit RSA key. The key is held privately, and the attackers threaten to erase it in three days unless a sizable fee is received.
EzFIM—an Additional Layer of Protection
With malware continually evolving, antivirus software just isn’t enough. A solid file integrity monitoring program such as EzFIM is another way to combat cyberattacks as well as to ensure PCI DSS compliance.
Call an EzFIM Tech expert today at 855-393-4666 or send an email to firstname.lastname@example.org to find out more about protecting your computer’s files as well as keeping your company’s sensitive data safe and sound.