Housing association avoids the impact

When a customer of Plan B was hit by a cryptlocker attack last week, their file server was rendered inaccessible, leaving employees without the ability to access their files. Cryptolocker is a form of ransomware which aims to extort money from companies. By encrypting files, the attackers can demand payment in order to release the key which will decrypt them. And by attacking a file server at the hub of a business’s operation, attackers can render a business inactive for the period of time the files are scrambled. So, obtaining the key as quickly as possible if often at the forefront of a business’s mind. Fortunately, you can protect yourself against cryptolocker and in our customer’s case, thanks to their adoption of a robust disaster recovery solution, they were able to access their files via our appliance which takes 24-hourly images of their system files and tests them to verify the are working. Following a call from our customer asking us to help, a file restore process was agreed. We could immediately start sending them over the files that they needed, in order of importance, to give them access to their critical files again. Within a few hours they had received their entire file server files and were back to business as usual, without having to pay any financial penalties.

How can you protect yourself against Cryptolocker?

Crytolocker ususally arrives by email so there are some guidelines you can follow to try and prevent a cryptolocker attack:

  1. Verify who the sender is. Often the [from] name is made to look like a trustworthy source by a cryptolocker attacker so you need to open the email to view the sender’s full email address. This can often give you clues when a sender is not genuine. If you’re unsure whether it is a genuine email ask the sender (e.g. if it looks to have come from your bank, contact your bank to ask them) – it’s better to be safe than sorry.
  2. Carefully read the full content of the email. Often there are clues that an email is not genuine. Is the language correct? A reputable company will always use good language and grammar.
  3. Do not click links or download files – especially zip files or exe files. These should all be treated with caution. If you have a feeling that an email is strange, follow your instinct and don’t open it. If you feel it is something you need to access, contact the sender and ask them to verify that they sent you the link or attachment.
  4. Keep your software up to date to ensure that you are not leaving yourself open to any vulnerabilities.
  5. Backup your data. And send it offsite so it is held independently from your live platform. This limits the likelihood of it being scrambled by a crytolocker attack.
  6. Test your backups regularly. With over a quarter of DR tests failing, it’s important that you test regularly to ensure your backup data is recoverable.

If you’re concerned about Cryptolocker and would like some advice, contact Plan B on 08448 707999 or info@planb.co.uk