Everyone has heard or read about cybercrime. But many companies and private individuals only really deal with the issue after the damage has already been done. If "Cryptolocker" is then mentioned, those affected will not forget the term anytime soon, because it is widespread malware used to blackmail people or companies. It belongs to the group of so-called ransomware (from the English word "ransom").
Simple Principle
A cryptolocker is infiltrated into a computer system unnoticed, for example via a link in an e-mail, a manipulated website, or a USB stick. Files on the infected computer and on connected network drives are then encrypted. When this process is finished, the files are unusable. A message appears on the computer prompting the victim to transfer a certain amount in Bitcoins to the (of course anonymous) attackers. Only then will the data be decrypted again. It may be that, despite payment, nothing happens, but that is more the exception than the rule. Cybercriminals who use Cryptolocker have an interest in ensuring that ransom money will continue to be paid in the future. Should word get around that paying is not worthwhile, the willingness to pay would decrease.
High Risk
Malicious software such as Cryptolocker is constantly being developed further. Today it can read out passwords fully automatically, up to those of the most critical accounts, and use them for the attack. There is therefore a risk that after an attack, not only will the data be unusable, but the entire system will have to be rebuilt. The direct (but also indirect) damage of such an attack is immense. For start-ups or SMEs, it can reach dimensions that threaten the very existence of the company.
Correct Procedure
If you are affected by an attack, it is important to act quickly but nevertheless prudently. Disconnect the computer from the network and then try to find out:
· Which system is affected?
· What did you observe?
· When did the event occur, or when was it first noticed?
· Which device was the malware installed on first?
Make a note of what you were able to find and then contact the service desk of first frame networkers ag immediately.
Checklist - this is how you can protect yourself
Our information security experts will help you identify and weigh up cyber risks. Here is an overview of some important protective measures:
· Identify business-critical data and protect it with organizational and technical measures.
· Back up your data regularly. Follow the 3-2-1 rule: There should be at least 3 copies of your data on 2 different media. 1 backup copy should be in an external storage location.
· Carry out maintenance: Operating systems and all applications installed on the computers should be updated monthly, log files should be checked for abnormalities and the data backup should be checked for recoverability.
· Train your users and check their behavior in handling e-mails, for example with our phishing service or through training with our experts.
· Always use the latest virus protection like Protegent Free Antivirus with Crypto-Guard.
· Use a firewall to segment your network into several areas. In this way, you can at least contain the spread of an attack.
· Use administrator accounts only where absolutely necessary. And check the authorizations of the users regularly.
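The 3-2-1 rule and the recoverability check from the list above can be automated. The following Python sketch is an added example, not part of the original post. The inventory keys (`media`, `offsite`, `is_backup`), the choice to count the live data as one of the 3 copies, and the SHA-256 manifest approach are assumptions made for illustration.

```python
import hashlib
from pathlib import Path


def check_3_2_1(copies):
    """Return the 3-2-1 rule violations for a backup inventory.
    Each entry is a dict with hypothetical keys: 'media' (str),
    'offsite' (bool) and 'is_backup' (bool; False for the live data).
    Assumption: the live data counts as one of the 3 copies.
    """
    problems = []
    if len(copies) < 3:
        problems.append(f"only {len(copies)} copies, need at least 3")
    if len({c["media"] for c in copies}) < 2:
        problems.append("all copies are on the same type of media")
    if not any(c["is_backup"] and c["offsite"] for c in copies):
        problems.append("no backup copy in an external location")
    return problems


def sha256_tree(root):
    """Map each file's relative path under root to its SHA-256 digest."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256()
            with path.open("rb") as handle:
                for chunk in iter(lambda: handle.read(1 << 20), b""):
                    digest.update(chunk)
            digests[path.relative_to(root).as_posix()] = digest.hexdigest()
    return digests


def verify_restore(manifest, restored_root):
    """Compare a manifest recorded at backup time with a test restore."""
    restored = sha256_tree(restored_root)
    missing = sorted(set(manifest) - set(restored))
    changed = sorted(name for name in manifest
                     if name in restored and manifest[name] != restored[name])
    return {"ok": not missing and not changed,
            "missing": missing, "changed": changed}


if __name__ == "__main__":
    # Constructed inventory: live data plus one NAS backup, nothing offsite.
    live = {"media": "server-disk", "offsite": False, "is_backup": False}
    nas = {"media": "nas", "offsite": False, "is_backup": True}
    print(check_3_2_1([live, nas]))
```

Record the manifest with `sha256_tree` when the backup is taken and keep it away from the backed-up system; a test restore whose files were encrypted on a connected network drive then shows up under `changed`.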
