What is CryptoLocker and Why Do You Care?

What would you do if your network files were suddenly encrypted? Would you have a good backup to return to, or would you suddenly be unable to conduct business? That’s what happened to a Charlotte, NC law firm when their network fell victim to CryptoLocker.

CryptoLocker is a type of malware that is spread through fake emails. The victim clicks on an attachment or link in a legitimate-looking email, and their computer files are then encrypted, making them unavailable to the user. CryptoLocker then demands payment within three days in order to decrypt and recover the files. Infected files can include shared network drives, USB drives, external hard drives, network file shares, and cloud storage drives.

The United States Computer Emergency Readiness Team (US-CERT), a division of the Department of Homeland Security, encourages victims and network administrators to notify the FBI at the Internet Crime Complaint Center.

We can’t say it enough – if in doubt, don’t click. This malware has been spreading through phony FedEx and UPS tracking notices, as well as other emails designed to look like legitimate businesses. If you receive an unexpected email – from your bank, cell phone provider, delivery service, or even a greeting card from a friend – don’t click on any links or attachments. Even if it’s an email you WERE expecting, stop and think about whether it’s truly legitimate. Obviously we have to do business, and part of that includes opening attachments, but we’re asking you to be sure before taking action.

US-CERT has some good information on their website, including the following:

Avoiding Social Engineering and Phishing Attacks

Recognizing and Avoiding Email Scams

Using Caution with Email Attachments

For more information about CryptoLocker, click here. And to see the TV news story about the North Carolina law firm, click here.