How to avoid Cryptolocker and other ransomware

Law enforcement from around the world came together last week in an impressive sinkholing operation designed to disrupt two of the most troublesome pieces of malware on the planet: Gameover Zeus and Cryptolocker. These two spent much of last winter tearing through computers around the world, encrypting all the files on the hard drive and demanding payment to restore them. The NCA has estimated that around 15,000 computers may currently be infected in the UK. Worldwide, it runs into the millions.

Over the weekend, police managed to sinkhole the entire Gameover Zeus botnet infrastructure, and seized control of Cryptolocker's command-and-control servers. So great news for white hats everywhere. But then the UK's National Cyber Crime Unit put out a perplexing piece of advice: users now have two weeks to protect themselves from these two cyber nasties. So what does that mean? Why two weeks? And what can you do to protect yourself?

Well, the answer is basically the same as it's always been. There's no special tool or patch that'll keep you protected from Cryptolocker. It's just pure, common-sense cyber security.

1. Keep Windows up to date

If you aren't running Windows, stop right here. In fact, leave this article. Go read something else on ITProPortal, go wash the car or play with your kids. The two vicious botnets are only affecting Windows users, so this isn't something you should worry about. There are still plenty of malware threats out there, though – so make sure to keep everything up to date anyway.

2. Watch your post box for warnings

Internet users in the UK who are thought to be infected will be receiving correspondence from their internet service provider (ISP) soon, warning them that they are at risk. This is pretty unprecedented, and

If you get one of these notices, you must act immediately.

"People should not only protect their computers, but also ensure that they back up their data regularly," said security expert David Emm of Kaspersky. "This is particularly important in the case of ransomware. If you have a backup, even if you just manually drag-and-drop your files onto a USB drive, then you can avoid the need to pay the ransom if you do get infected with Cryptolocker."

3. Perform proper security maintenance

has published a list of downloads it recommends to keep yourself protected.

Unfortunately, the massive demand for the service is causing the website to crash, and it's been offline for about 24 hours now. Not very helpful, we know – but hopefully it'll be up and running soon enough.

In the meantime, why not check out ITProPortal's article on 3 security tools you must have before you go online.

4. Use a password manager

Phishing gets a lot easier once the attacker has access to your personal data. Using long, complex passwords, and different passwords for each site you access will maximise your security on this front. If you're not feeling up to that, why not get a password manager?

We've written up a rundown of all the best password managers available, so go check that out.

How many times do we have to tell you? Don't open them! If you don't know where an email came from, don't open it. If you weren't expecting an email from a colleague, don't open it. If the message in the text is generic and could have come from anyone, don't open it.

Don't rely on hovering over the link to see the URL, either – hackers are becoming more and more sophisticated at spoofing legitimate URLs in order to infect you with malware. This is the single most common vector of attack, so protect yourself from fake emails, and you'll be laughing.

For more email safety tips, check out our article on how to avoid getting stung by a spear phishing scam.

Final advice

The FBI and NCA's two-week window is a little bit of a vague guesstimate. They probably thought it would catch headlines (and it certainly has done that), but the message is always the same - make sure your antivirus software, and firewall, and everything else designed to protect you is up to date.