The solution to CryptoLocker and Ransomware? Prevention

CryptoLocker is a ransomware a malware that silently encrypts data to ask for a ransom to decrypt them, a true source of headaches for most system administrators.

It’s believed the first version of CryptoLocker was released on September 2013 but other ransomware has been developed since then.

The encryption is very very strong, 4096-bit, and it’s simply impossible to get the data back without a decryption key.
You can pay the criminals but there’s no guarantee they’ll give you a working decryption key. We discourage to feed this criminal market.

Good backup and security practices are the only tools we have to protect ourselves and our customers from this threat:

  1. Data must be backed up with adequate cadence
  2. Good data retention policies are necessary, you need to be able to restore data at least two weeks old, better a month
  3. Backup integrity checks must be performed coherently with the backup cadence and the retention policies, in case of infection the corrupted files will be backed up at each execution
  4. The backup folders must be inaccessible to the normal users of your network, so Cryptolocker or other ransomware won’t be able to access them
  5. Never let CryptoLocker or other ransomware run as the domain administrator or other full-privileged accounts
  6. Educate the users! Seriously, this is the most powerful defense.. being able to restore the data encrypted by CryptoLocker or other ransomware won’t protect you from the costs of such operation. Restore times – and so costs – can be reduced but not eliminated, it’s better to prevent the infection rather than fix the damages

Most of the points are clear and straightforward. Maybe you are wondering how to create a backup destination that neighter a normal user nor CryptoLocker won’t be able to access.

We found two effective ways to create a secure backup folder for Uranium Backup

  1. How to protect your backup folder from CryptoLocker and other ransomware in an Active Directory Domain Services
  2. How to protect your backup from CryptoLocker and other ransomware using an FTP destination

It’s up to you to select the schema more effective and efficient in your scenario.

Note: you need an Uranium Backup Base or higher for both the backup strategies.