Cryptolocker…It’s As Sinister As It Sounds

November 4th, 2013

Even as Halloween candy may still be brimming over the top of your kids’ pumpkins, the nasty virus with the sinister name, Cryptolocker, may be lurking around your cyber-neighborhood. Cryptolocker is a form of ransomware: software that locks you out of something until you give it what it wants (usually money). It is currently being spread via malicious email attachments, and can also be deployed by hacked and malevolent Web sites that exploit outdated browser plugins. What makes Cryptolocker so potent is its sound use of cryptographic techniques. It employs the same kind of technologies that keep us safe while purchasing products online or using online banking, but uses them to encrypt all your files and take you hostage.

Once received, this malware scans every drive on your PC (hard drives, flash drives and even network shares) for file types such as PDFs, Word docs, Excel spreadsheets and pictures. The virus then encrypts them – locking them up, hence the name – leaving you with nothing but a notice about the foul act it has just performed (see image below). It allows you about 3 days to pay up; after that, their side of the encryption key is deleted.

Sadly, once your system has been attacked, you are very much up the proverbial creek. You cannot remove it like a normal virus without losing all the files it encrypted. Reports have been published saying that even if you do pay the $300 they request, their decryption program sometimes will not work. And although we realize it could be unbearably tempting to do just about anything to recover certain files, don’t deny that ethical considerations are at stake here as well. Most importantly, there is no guarantee you’ll receive a fair transaction from crooks, and if you show you are susceptible to blackmail, what’s to stop them from trying again? Additionally, know that every penny you pay them will fund their endeavors to target other victims.

So, really, there is no other viable option but to defend against this kind of attack before it happens.

Here are 4 things you can do right now to help prevent the invasion of this malevolent entity:

  1. Stay patched. Keep your operating system and software up to date. As we shared just last week in our most recent white paper, vulnerabilities are an easy way in for malicious activity.
  2. Make sure your anti-virus is active and up to date.
  3. Avoid opening attachments you weren't expecting.
  4. Make regular backups, and make sure they are stored safely.

For more details on the Cryptolocker virus, we’ve rounded up a few helpful links for you:

http://www.symantec.com/connect/blogs/ransomcrypt-thriving-menace

http://www.snopes.com/computer/virus/cryptolocker.asp

 

If you have any questions about the Cryptolocker virus – or protecting your organization’s system from other threats – contact us at The Fulcrum Group today.