Byte Me Article 147 – Back up to avoid lethal blackmail

Backup to Avoid Lethal Blackmail

Two weeks in the IT world can be a very long time and in this case the whole ball game has changed in the last fortnight as far as I am concerned.  Last week we had several customers falling victim to an Internet threat that previously had little impact.  This Internet threat, known as Ransomware has always existed but only lately has it has shown the capacity to destroy ALL of your important data – without warning or recourse.

Ransomware is a small program that threatens a range of nasty actions if you don’t do what it is asking for – mostly with the aim to get some of, or all of your money!  Previously most of these threats have been idle ones and the only time they have been successful is when they have bluffed the victim into taking action and doing what they ask.  Things have radically changed as now we have a widespread version of Ransomware called ‘Cryptolocker’ which is no idle threat.

Effecting both businesses and the private sector Cryptolocker will destroy ALL of the important information that you have stored on your computer and the ONLY way to get it back is from a recent backup.  So how do you get this scourge?  It has been doing the rounds as an email disguised as an official notification from your bank or from the ATO or from a freight company and it can look very authentic.  I have even seen a very clever strain that can look as if it has come from an email address within your own company asking you to review and sign the attached documents ASAP.

2013-10-19 Byte Me Article 147- Scourge of the Internet

The email will have an attached Zip file and it is this file which contains the catastrophic programming.  Once run it searches for any user data files on not only your PC but also on your network and encrypts each individual file with a security code that cannot be undone.  The Ransomware then tells you what it has done and demands a payment of $300 US before it will unlock all of these same files.

Initially people that paid the ransom were getting their files unlocked but now this has changed as well with different governing bodies on the Internet trying to shut these scum perpetrators down.  The end result here being that there is NO current fix and once again the only backup plan is to have ‘a backup’.  Another important fact is that people and companies that have gone to ‘cloud’ based storage are not safe either.  This Ransomware will kill all of your data in the cloud as well – unless you have an offline backup or an encrypted backup in place.

We have a number of customers that we have chased for years to have a proper backup system in place who have previously chosen to ‘wing it’ and hope for the best.  I can’t stress enough how significant this new threat is and I suggest that in future we will see many more ‘copycat’ threats based on the coding of this one.

These new threats that have a ‘bite as bad as their bark’ are adding many new nails to the coffin of a user’s lost data if there is not a proper recent backup in place. 

Future Byte Me topics can be emailed to [email protected] and Bruce is contactable at Kerr Solutions, 205 Musgrave Street or on 49 222 400.

For more advice and assistance from Kerr Solutions, like and follow us on Facebook