Ransomware Strains: All About CryptoLocker

Ransomware Strains: All About CryptoLocker

By Courtney Heinbach

Cybersecurity preventative measures have become increasingly more necessary as organizations around the world face rising threats. While there is, unfortunately, no foolproof way to protect against ransomware attacks, there are steps managed service providers (MSPs) can take to educate their clients about the various ransomware strains that could drastically impact business operations.

According to our annual State of the Channel Ransomware Report, MSPs report that CryptoLocker is the top ransomware variant impacting clients. Your clients’ employees may not have heard of this particular ransomware strain (or any others for that matter), so the best thing you can do is help them understand the basics.

What is CryptoLocker Ransomware?

Some of the earliest strains of ransomware can be traced back as far as the 1980s with payments demanded to be paid through snail mail. Since ransomware has developed, most hackers will now charge the ransom in cryptocurrency such as Bitcoin, or by credit card. Fortunately, with technology, as it stands today, paying the ransom is not your only option when it comes to recovering your data.

CryptoLocker ransomware emerged in 2013, infecting over 250,000 devices in its first four months. CryptoLocker encrypts Windows operating system files with specific file extensions, making them inaccessible to users. Once files are encrypted, hackers threaten to delete the CryptoLocker decryption key that unlocks files unless they receive payment in a matter of days in the form of Bitcoins, CashU, Ukash, Paysafecard, MoneyPak, or pre-paid cash vouchers.

How to protect clients’ devices against Cryptolocker

For MSPs, client education is key, along with antivirus, email filtering, and other ransomware prevention tools. CryptoLocker is primarily executed via phishing emails with malicious attachments, so MSPs should prioritize educating their clients on how to identify a phishing attempt.

CryptoLocker is often executed via phishing emails mimicking Microsoft, Autodesk, FedEx, and UPS and targets users in the US, UK, Australia, Canada, India, and across Europe and Asia.



Suggested Next Reads