Police in Swansea, Massachusetts have admitted to paying a bitcoin ransom after being infected by the Cryptolocker ransomware.
The Cryptolocker malware infects a computer, normally via a legitimate-looking email that urges the reader to open an attachment, often posing as a voicemail, fax, invoice or details of a suspicious transaction that is being queried.
Once a Windows computer is infected, the malware encrypts the user’s files and then displays a countdown timer while demanding a payment of 2 bitcoins for the key that releases the data. Bitcoin is a peer-to-peer digital currency whose transactions are public but only pseudonymous, which is what makes it so hard to tie a ransom payment to a person; at current exchange rates 2 bitcoins equates to about…$1338.
“(The virus) is so complicated and successful that you have to buy these bitcoins, which we had never heard of,” Swansea Police Lt. Gregory Ryan told the Herald News. “It was an education for (those who) had to deal with it.”
Ryan insisted that the Massachusetts police systems were now clear of infection, and that essential operational computers were not affected, nor was there any data stolen…
If a computer becomes infected it should immediately be disconnected from any network, including shared and mapped drives, and a professional called in to clear the machine. Don’t expect the files to be recovered by cracking the encryption, though: the malware encrypts with a key that only the attackers hold, and the algorithms it uses are not breakable in any practical amount of time, so the hard drive will likely have to be erased and restored from a backup.
The rules and procedures needed for protection are the same as they ever were. Don’t open attachments in unexpected emails. Social engineering is what it’s all about, folks: someone shows up on your cyber-doorstep with a plausible tale that sounds interesting and, especially, profitable. So the emails imitate correspondence from your bank, your best friend (whose system is already compromised), your grocery store or Doctor Oz.
Verify and validate on your own, separately from any links you can click on. Your world isn’t going to come to an early demise if you miss an “important” communiqué from Microsoft. Even if it is genuine, they’re probably just trying to sell you something.
The solution is always easier if you’re doing regular backups. You can then wipe your hard drive – or even buy a new one – and restore your backup from a verified safe source and date. I use Apple’s Time Machine to perform incremental backups on my desktop computer once an hour. I use SuperDuper once a week to back up the whole hard drive. Each of those goes to its own standalone hard drive.
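The two things that make a restore safe are that the backup you reach for is still intact on its drive, and that it was taken from a date before the files started changing underneath you. The script below is an added illustration of both checks, not the author’s Time Machine or SuperDuper setup: it copies a folder into a dated snapshot, writes a SHA-256 manifest beside it, refuses to restore from a snapshot whose contents no longer match that manifest, and compares two snapshots’ manifests to find the last good date. The manifest file name, the directory names and the sample files are all made up for the demo, and random bytes stand in for the ransomware’s ciphertext.

```python
"""Dated backup snapshots with a SHA-256 manifest (added example, not the
post's own tooling). Every path and file name below is constructed for the
demo; MANIFEST is an assumed name for the per-snapshot hash list."""
import hashlib
import json
import os
import shutil
import tempfile
from pathlib import Path
from typing import Dict, List

MANIFEST = "MANIFEST.sha256.json"  # assumed manifest file name, one per snapshot


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> Dict[str, str]:
    """Relative path -> SHA-256 for every regular file under root (manifest excluded)."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.name != MANIFEST
    }


def diff_manifests(old: Dict[str, str], new: Dict[str, str]) -> Dict[str, List[str]]:
    return {
        "modified": sorted(k for k in old if k in new and new[k] != old[k]),
        "missing": sorted(k for k in old if k not in new),
        "unexpected": sorted(k for k in new if k not in old),
    }


def is_clean(report: Dict[str, List[str]]) -> bool:
    return not any(report.values())


def snapshot(source: Path, backup_root: Path, stamp: str) -> Path:
    """Copy source into backup_root/<stamp> and record its manifest alongside."""
    dest = backup_root / stamp
    shutil.copytree(source, dest)
    (dest / MANIFEST).write_text(json.dumps(build_manifest(dest), indent=1, sort_keys=True))
    return dest


def verify(snapshot_dir: Path) -> Dict[str, List[str]]:
    """Has anything in the snapshot changed since its manifest was written?"""
    recorded = json.loads((snapshot_dir / MANIFEST).read_text())
    return diff_manifests(recorded, build_manifest(snapshot_dir))


def changed_between(older: Path, newer: Path) -> Dict[str, List[str]]:
    """What changed between two snapshots, judged by their recorded manifests."""
    a = json.loads((older / MANIFEST).read_text())
    b = json.loads((newer / MANIFEST).read_text())
    return diff_manifests(a, b)


def restore(snapshot_dir: Path, target: Path) -> None:
    """Refuse to restore from a snapshot that no longer matches its manifest."""
    report = verify(snapshot_dir)
    if not is_clean(report):
        raise RuntimeError(f"snapshot {snapshot_dir.name} is not intact: {report}")
    if target.exists():
        shutil.rmtree(target)
    shutil.copytree(snapshot_dir, target, ignore=shutil.ignore_patterns(MANIFEST))


def demo() -> dict:
    """Constructed scenario: nightly snapshot, an infection that scribbles over
    the documents, a second snapshot of the damaged files, then picking the
    last good date and restoring from it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        docs = root / "documents"
        docs.mkdir()
        (docs / "report.docx").write_bytes(b"quarterly report, plaintext")
        (docs / "notes.txt").write_bytes(b"nothing to see here")
        backups = root / "backup_drive"

        snap1 = snapshot(docs, backups, "20131118T020000Z")
        # Simulated ransomware: random bytes stand in for ciphertext, plus a ransom note.
        (docs / "report.docx").write_bytes(os.urandom(32))
        (docs / "DECRYPT_INSTRUCTIONS.txt").write_bytes(b"pay 2 BTC")
        snap2 = snapshot(docs, backups, "20131119T020000Z")

        # Both snapshots match their manifests; that alone does not say which is clean.
        intact = (is_clean(verify(snap1)), is_clean(verify(snap2)))
        # The diff between dates is what points at the last good snapshot.
        delta = changed_between(snap1, snap2)

        # Later corruption of a file on the backup drive is caught by verify().
        (snap2 / "notes.txt").write_bytes(b"junk")
        snap2_after = verify(snap2)

        restore(snap1, root / "restored")
        restored = (root / "restored" / "report.docx").read_bytes()
        return {"intact": intact, "delta": delta, "snap2_after": snap2_after, "restored": restored}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1, default=repr))
```

The point of the two separate checks: a manifest only proves a snapshot has not changed since it was written, so a snapshot taken after the infection verifies clean even though its contents are ciphertext. Comparing manifests across dates is what tells you where the safe restore point is, which is why a single rolling mirror of the live disk is not enough on its own.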