The scammers send out e-males, which, when you click on a link, download a Trojan Horse, which installs the ransomware on your PC. The e-mails purport to notify you of a customer complaining about your organisation or tell you there is a problem clearing a cheque.
Cryptlocker is very robust: “Instead of using a custom cryptographic implementation like many other mail ware families, Cryptolocker uses strong third-party certified cryptography offered by Microsoft’s CryptoAPI” say DELL.
DELL suggest PC’s be blocked from communicating with hundreds of domains names it had flagged as being linked to the spread of Cryptolocker, and it suggested 5 further steps businesses take to protect themselves.
- Install software that blocks executable fields and compresses archives before they reach e-mail in-boxes
- Check permissions assigned to shared network drives to limit the number of people who can make modifications
- Regularly back up data to off-line storage. Network – attached drives and cloud storage does not count as Cryptolocker can access and encrypt files stored there
- Set each PC’s software management tools to prevent Cryptolocker and other suspect programs from accessing certain critical directories
- Set the computer’s Group Policy Objects to restrict keys – databases containing settings – used by Cryptolocker so that the mail ware is unable to begin the encryption process.
For more advice and information click here.