Skip to main content

Another day - another cryptolocker infection

By
All too frequently we are still seeing people being affected by ransomware. It's pernicious and hard to get rid of once you've got it. If you haven't had it, then this is what happens - you open an innocent email and your computer starts to perform a bit sluggishly. Most people shrug this off then go to open a Word Document or Excel Spreadsheet and can't. It has .ENCRYPTED after it and there are files appearing in all your directories on how to pay to get your data decrypted. A sense of doom starts to build in the pit of your stomach and you watch as the files on your network drives start being encrypted too. Hopefully you pull the power plug and call your IT guy at this point. Then the tough stuff begins....

To stop this from happening here are some tips to keeping your PC cryptolocker free:

  • don't try to open a zip file emailed to you - if someone is sending one to you, make sure they establish contact first - it's OK to email them back to ask if they meant to send it. Most companies won't send you a zip file with their bills in it - the AGL email that recently infected a number of people is an example of this. They send their bills as a PDF
  • hover your mouse over any link in an email *before* clicking it - you'll see the actual address the hyperlink points to when you do this. Just because it says www.google.com/alkajsdflkjadf doesn't mean it actually points there. The hyperlink goes around the text to send it to the web and it could go anywhere!
  • while backups are important, RESTORES are mandatory - a phrase I heard at SAGE-AU years ago and it's still true. There are great free options out there - from Time Machine on the Mac, to CrashPlan across many platforms, Carbonite, ShadowProtect and so on. Get one, have a backup to a USB drive, and then to another USB drive - a bit of a pain to cycle through the backups, but what is your data worth to you? It's a sad situation that most people won't have the faintest idea until every word document they've ever written is encrypted and carries an $800USD price tag to decrypt it. Put an entry in your calendar to backup and do it. 
  • did I mention backups? Let me reiterate - back up your data! Test the backup! Have it disconnected from the network and don't rely on a single data storage place to back up to. If that gets corrupted (and I've seen it happen) - it's still all over
  • go slower when you are readying your emails. Take your time to really check what you've got and why they want you to click on that shiny, interesting looking link. Phishing emails, cryptolocker and other infections are just a mouse click away....


It's a dangerous world, opening up an email program on your computer or a web browser. You never know where it will take you or the risks that it will entail. You can be safe, if you exercise some commonsense!
Labels:

Comments

Post a Comment

Popular posts from this blog

Plone - the open source Content Management System - a review

By
One of my clients, a non-profit, has a lot of files on it's clients. They need a way to digitally store these files, securely and with availability for certain people. They also need these files to expire and be deleted after a given length of time - usually about 7 years. These were the parameters I was given to search for a Document Management System (DMS) or more commonly a Content Management System (CMS). There are quite a lot of them, but most are designed for front facing information delivery - that is, to write something, put it up for review, have it reviewed and then published. We do not want this data published ever - and some CMS's make that a bit tricky to manage. So at the end of the day, I looked into several CMS systems that looked like they could be useful. The first one to be reviewed was OpenKM ( www.openkm.com ). It looked OK, was open source which is preferable and seemed to have solid security and publishing options. Backing up the database and upgradin
Post a Comment
Read more

Musings on System Administration

By
I was reading an article discussing forensic preparation for computer systems. Some of the stuff in there I knew the general theory of, but not the specifics of how to perform. As I thought about it, it occurred to me that Systems Administration is such a vast field. There is no way I can know all of this stuff. I made a list of the software and operating systems I currently manage. They include: - Windows Server 2003, Standard and Enterprise - Exchange 2003 - Windows XP - Windows Vista - Windows 2000 - Ubuntu Linux - OpenSuSE Linux - Mac OSX (10.3 and 10.4) - Solaris 8 - SQL 2005 - Various specialised software for the transport industry I have specific knowledge on some of this, broad knowledge on all of it, and always think "There's so much I *don't* know". It gets a bit down heartening sometimes. For one thing - I have no clue about SQL 2005 and I need to make it work with another bit of software. All complicated and nothing straightforward. Irritating doesn&
Post a Comment
Read more

Traffic Monitoring using Ubuntu Linux, ntop, iftop and bridging

By
This is an update of an older post, as the utilities change, so has this concept of a cheap network spike - I use it to troubleshoot network issues, usually between a router and the network to understand what traffic is going where. The concept involves a transparent bridge between two network interface cards, and then looking at that traffic with a variety of tools to determine network traffic specifics. Most recently I used one to determine if a 4MB SDSL connection was saturated or not. It turned out the router was incorrectly configured and the connection had a maximum usage under 100Kb/s (!) At $1600 / month it's probably important to get this right - especially when the client was considering upgrading to a faster (and more expensive) link based on their DSL provider's advice. Hardware requirements: I'm using an old Dell Vostro desktop PC with a dual gigabit NIC in it - low profile and fits into the box nicely. Added a bit of extra RAM and a decent disk and that&
6 comments
Read more