Out of the menagerie of virus attacks, RansomeWare (CryptoWall,CryptoLocker) is the most dire threat facing users, businesses, and networks. Typically delivered in an email making false claims, for instance a FedEx delivery, these scams lure unsuspecting users into opening an attachment or visiting a webpage. Within a few hours the entire network is infected. The virus courses through the network seeking any file share it can access, encrypting files making the entire system unusable. The virus leaves a message demanding payment in exchange for the key to un-encrypt the drives on their network.
The operators of these Ransomware scams see themselves as businessmen. Gone are the days of hackers making viruses simply to prove they can. These criminals discovered an easy way to extort money at no cost to themselves from victims all over the world.
As with other viruses the best prevention is a combination of education, anti-virus, and backup. We recommend a NAS (Network Attached Storage) for local backups along with an off-site cloud based solution. We find, because the attached storage and off-site backup are isolated from the file sharing system the worm is trying to infect, it stands the best chance of surviving the attack. We have recovered complete networks infected by Ransomware from a backup on a customer’s NAS.