Law enforcement from around the world came together last week in an impressive sinkholing operation designed to disrupt two of the most troublesome pieces of malware on the planet: Gameover Zeus and Cryptolocker. These two spent much of last winter tearing through computers around the world, encrypting all the files on the hard drive and demanding payment to restore them. The NCA has estimated that around 15,000 computers may currently be infected in the UK. Worldwide, it runs into the millions.
Over the weekend, police managed to sinkhole the entire Gameover Zeus botnet infrastructure, and seized control of Cryptolocker's command-and-control servers. So great news for white hats everywhere. But then the UK's National Cyber Crime Unit put out a perplexing piece of advice: users now have two weeks to protect themselves from these two cyber nasties. So what does that mean? Why two weeks? And what can you do to protect yourself?
Well, the answer is basically the same as it's always been. There's no special tool or patch that'll keep you protected from Cryptolocker. It's just pure, common-sense cyber security.
If you aren't running Windows, stop right here. In fact, leave this article. Go read something else on ITProPortal, go wash the car or play with your kids. The two vicious botnets are only affecting Windows users, so this isn't something you should worry about. There are still plenty of malware threats out there, though – so make sure to keep everything up to date anyway.
Internet users in the UK who are thought to be infected will be receiving correspondence from their internet service provider (ISP) soon, warning them that they are at risk. If you get one of these notices, you must act immediately.
GetSafeOnline.org has published a list of downloads it recommends to keep yourself protected.
Unfortunately, the massive demand for the service is causing the website to crash, and it's been offline for about 24 hours now. Not very helpful, we know – but hopefully it'll be up and running soon enough.
Phishing gets a lot easier once the attacker has access to your personal data. Using long, complex passwords, and different passwords for each site you access, will maximise your security on this front. If you're not feeling up to that, why not get a password manager?
How many times do we have to tell you? Don't open them! If you don't know where an email came from, don't open it. If you weren't expecting an email from a colleague, don't open it. If the message in the text is generic and could have come from anyone, don't open it.
Don't rely on hovering over the link to see the URL, either – hackers are becoming more and more sophisticated at spoofing legitimate URLs in order to infect you with malware. This is the single most common vector of attack, so protect yourself from fake emails, and you'll be laughing.
The FBI and NCA's two-week window is a little bit of a vague guesstimate. They probably thought it would catch headlines (and it certainly has done that), but the message is always the same - make sure your antivirus software, and firewall, and everything else designed to protect you is up to date.