One of the most prolific “successes” in this field was that of CryptoLocker. This malware encrypts files on victims’ machines and then demands payment within 72 hours in bitcoin (BTC). If the victim pays, their system is decrypted. If the victim does not pay, their files are inaccessible. Those behind CryptoLocker had obtained nearly 42,000 BTC between October 15 and December 18, 2013, which equates to approximately $27,000,000 based on the exchange rate at that time. We can forget the saying “Crime doesn’t pay.”
The success of CryptoLocker has paved the way for other criminals and unscrupulous hackers to implement a similar system in their knock-off versions of this malware. CryptoLocker is not an extremely complicated collection of code. It uses standard cryptography suites built into the targets’ operating systems. It uses an untraceable currency for the ransom payment. It feeds on people’s lack of security, lack of backup, and fear of loss—a perfect storm of malicious intent.
2014 is sure to bring a plethora of copycat ransomware to bear against us. We need to be extra cautious in all of our online activities. It just takes one mistake, such as opening an attachment from a spoofed email, clicking on the wrong hyperlink, downloading a file from a social network, or using a portable drive of unknown origin.
The only protection I can recommend is an offline backup. This can be either a physical drive or an online backup service. If it’s a physical drive, be sure to connect the drive to your computer just long enough to perform the backup. Then leave it disconnected until the next time you update the backup. You should be updating the backup at least once a week. If you are extra paranoid, you can use two drives: one that you use for daily backup updates and one for weekly.
If you elect to use an online backup provider, be sure to use one that does not map a drive letter to your cloud storage of your data, because any mapped drive with a drive letter is vulnerable to the type of attack performed by CryptoLocker and its clones. I recommend either CrashPlan or Carbonite, but they are not the only options.
Good luck. Stay alert. Be safe. Let’s hope a security genius discovers a means to prevent future ransomware infections.