March 24, 2021

What is CryptoLocker Ransomware and How Does it Work?

By Courtney Heinbach

Preventative cybersecurity measures have become increasingly necessary as organizations around the world face rising threats. While there is, unfortunately, no foolproof way to protect against ransomware attacks, there are steps managed service providers (MSPs) can take to educate their clients about the various ransomware strains that could drastically impact business operations.

According to our annual State of the Channel Ransomware Report, MSPs report that CryptoLocker is the top ransomware variant impacting clients. Your clients’ employees may not have heard of this particular ransomware strain (or any others for that matter), so the best thing you can do is help them understand the basics.

What is CryptoLocker Ransomware?

Some of the earliest strains of ransomware can be traced back as far as the 1980s, with ransom payments demanded through snail mail. As ransomware has developed, most hackers now demand the ransom in cryptocurrency such as Bitcoin, or by credit card. Fortunately, with technology as it stands today, paying the ransom is not your only option when it comes to recovering your data.

CryptoLocker ransomware emerged in 2013, infecting over 250,000 devices in its first four months. CryptoLocker encrypts Windows operating system files with specific file extensions, making them inaccessible to users. Once files are encrypted, hackers threaten to delete the CryptoLocker decryption key that unlocks files unless they receive payment in a matter of days in the form of Bitcoins, CashU, Ukash, Paysafecard, MoneyPak, or pre-paid cash vouchers.

How to protect clients’ devices against CryptoLocker

For MSPs, client education is key, along with antivirus, email filtering, and other ransomware prevention tools. CryptoLocker is primarily executed via phishing emails with malicious attachments, so MSPs should prioritize educating their clients on how to identify a phishing attempt.

CryptoLocker is often executed via phishing emails mimicking Microsoft, Autodesk, FedEx, and UPS, and it targets users in the US, UK, Australia, Canada, India, and across Europe and Asia.
