Award-winning Lister Trade Frames recently endured a cyber attack from one of the most pernicious web viruses called CryptoLocker, also known as Ransomware. It had 38,200 files destroyed in just 5 minutes.
It is estimated that Cryptolocker malware has already infected over 250,000 Windows-based computers and this is expected to rise drastically over the next few months. Ransomware has been around for a long time now, but this latest version has been developed by cyber criminals to bypass most firewalls and spam filters, as it uses genuine third-party cryptography accepted by Microsoft’s own CryptoAPI software. In other words, the criminals have used Microsoft’s own tools to attack its Windows-based systems.
The attack follows this course. An innocent-looking e-mail arrives with a message reading something like “Here’s your order/delivery confirmation”. It is opened and nothing happens. Some time later, days or weeks, the computer is turned on and people then see a screen similar to the one shown, saying that personal files are being encrypted and that to get them back a large amount of money must be paid, usually in ‘bitcoins’.
In the case of Lister’s, the computer was switched on and the Cryptovirus screen appeared. It surprised the member of staff who initially thought it was a joke and asked other colleagues if they had it. Someone quickly called over the IT expert who immediately recognised what it was and promptly unplugged and disconnected the laptop from the Lister’s network.
The above actions took just over 5 minutes from the laptop being switched on to its disconnection, but in those 5 minutes the Cryptolocker virus had destroyed 38,200 files and had jumped to 11 other computers in the business. The IT Team then spent the rest of the day, along with a local IT Security Specialist, D2NA, isolating and quarantining each computer and running a specialist program to destroy all traces of the virus. Lister’s lost a day’s work while this was done.
Lister’s has this advice:
- Firstly, ensure that you enforce a company-wide policy of not opening e-mail attachments or links from senders that you do not recognise or expect. In Lister’s case a single individual failed to do this and the virus attacked.
- Secondly, ensure that you have a secure, offsite backup system, updated regularly, so that when you have destroyed the virus (and that may need professional advice) you can restore any destroyed files from the backup.
Without taking pre-emptive measures, there is no doubt that irretrievable damage would have occurred.
Caption: Screenshot of the Cryptolocker attack on Lister Trade Frames that resulted in 38,200 files destroyed, all of which could be retrieved because of the trade fabricator’s backup system.