Select Page

In the following post, John Longo of OnSite Support Services discusses CryptoLocker, a new virus in the wild, and the steps you can take to protect your data against it.


cryptolockerCryptoLocker is a particularly nasty piece of malware that can effectively destroy files on Windows-based PCs beyond the ability of any data recovery process. Unlike other viruses, which may simply delete your files, allowing for the possibility of some file recovery, CryptoLocker will securely encrypt them, making recovery impossible without the encryption key held by the attackers.

This is offered only in exchange for a ransom payment. Paying the required fee is also no guarantee that your files will be decrypted and restored to you. Other malware has employed similar tactics in the past, but CryptoLocker’s encryption is much more secure and is currently not possible to crack.

The steps to guard against CryptoLocker are essentially the same good practices that should be employed to guard against any malware attack or hardware failure. Make sure your antivirus software is kept up to date, and backup your data often. Thankfully, most antivirus applications can now detect and remove CryptoLocker, but are only of use if they catch it before the encryption occurs.

Email is CryptoLocker’s primary mode of attack, so avoid opening any email attachments from untrusted sources or that appear in any way suspicious. When in doubt, delete the email. This should especially include attachments sent from banks or financial institutions and, particularly in the case of CryptoLocker, from courier companies such as UPS, or FedEx.

For additional information or answers to any questions you may have regarding CryptoLocker and cyber security, contact OnSite Support Services at 860-563-3906.