Safeguarding data security and privacy is a constant battle. We always recommend the use of encryption for mobile devices, laptops and all crucial company data or consumer records containing personal, sensitive or medical information. In a devilish twist, however, cyber criminals have turned encryption against unsuspecting victims, raising the question: “Are your computer files worth $300 to you?”
Since late last year, a fiendish “ransom Trojan horse” malware known as CryptoLocker has been circulating via e-mails and “drive by” downloads, where a ZIP file attachment contains an executable file with the filename and icon disguised as a PDF file. When the file is clicked, the malware goes through a number of install steps and then attempts to contact remote servers to generate a 2048-bit RSA encryption key pair, with the public key sent back to the infected computer. The malware then proceeds to use the key to encrypt all data files with certain common extensions – doc files, pictures, etc. – BOTH locally and across network connections accessible to the infected computer.
The bad actors then step in and put up a message that for $300 they’ll send you the decryption key to recover your files, hence the “ransomware” appellation. The problem is that there’s no guarantee that payment will result in receipt of the proper private key and the ability to decrypt and recover files. In addition, the strength of the encryption used is effectively unbreakable, leaving victims in a tremendous bind if the files affected are unique and irreplaceable.
The FTC has put up various tips about how to protect yourself from CryptoLocker in its “Lock, stock, and peril” article, but the best way to limit damage from CryptoLocker is to back up computer files consistently, and to locations that are password protected from casual network access.
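The delivery method described above (a ZIP attachment holding an executable dressed up as a PDF) can be screened for before a user ever opens the file. The following is an added example, not code from the FTC or any vendor: the extension lists, the function names and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumed lists for this example; tune them to your mail gateway's policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DOCUMENT_HINTS = (".pdf", ".doc", ".xls", ".jpg")


def suspicious_entries(zip_bytes):
    """Return (member name, reason) pairs for members that look like
    executables presented as documents."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # encrypted member: content unreadable
                findings.append((info.filename, "encrypted member, not inspected"))
                continue
            # Trailing dots/spaces are stripped so padding cannot hide the extension.
            name = info.filename.lower().rstrip(". ")
            base, dot, ext = name.rpartition(".")
            ext = dot + ext
            with archive.open(info) as member:
                is_pe = member.read(2) == b"MZ"  # DOS/PE executable header
            if ext in EXECUTABLE_EXTS:
                hinted = any(h in base for h in DOCUMENT_HINTS)
                reason = ("document-style name with executable extension"
                          if hinted else "executable inside archive")
                findings.append((info.filename, reason))
            elif is_pe:
                findings.append((info.filename, "PE header under a non-executable extension"))
    return findings


def build_sample():
    """Constructed, harmless archive: the 'executables' are inert stub bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("Invoice_2013.pdf.exe", b"MZ" + b"\x00" * 62)
        archive.writestr("report.pdf", b"MZ" + b"\x00" * 62)
        archive.writestr("notes.txt", b"meeting notes")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in suspicious_entries(build_sample()):
        print(f"{name}: {reason}")
```

A name-and-header check like this only catches the disguise; it does not replace the backups recommended above, which are what limit the damage if an attachment gets through.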