Heard on the five o’clock TV news yesterday that there is a new and unbeatable computer virus on the loose. According to the broadcast, this virus will encrypt, with military grade encryption, every file on a computer, and then send a message that the victim has three days to send a ransom of $300 to the hacker. If this is sent, the files will be decrypted, but if the ransom is not sent, all these files will be permanently erased. It even provides a countdown clock that shows how much time is left before the files are destroyed. Also included are detailed instructions of how this ransom is to be sent.
The report further stated that this virus cannot be removed by any currently known methods, and the only safeguard is to have a flash (I think that’s what it’s called) backup of your entire computer disk.
Has anyone else heard of this sort of thing? Haven’t heard of this from any other source, but the news broadcast seemed to know what they were talking about.
Ransomware isn’t anything new. Wikipedia even has an article about it.
The latest one going around is Cryptolocker, which is described in the Wikipedia article.
Personally, if I get hit by something like this, I just wipe the hard drive, reinstall the OS, and copy the files from my external backup. It’s a bit of a pain, but no hacker is going to get any money from me.
There are various ways to back up your system to the “cloud.” You can use a service like Mozy or Carbonite, which use software installed on the computer to back up designated folders or directories to their servers. Usually a small amount of storage is free and then they charge for more. Some of the big companies like Google or Apple let you store files on their servers for free but the services like Mozy and Carbonite are automatic, refreshing the backup as files change. Personally, I use Mozy for backing up about fifty gigabytes of the most important stuff and then do a monthly backup of the whole system to two external drives, one of which I keep at the office.
Where are you getting multi TB cloud storage? I can do it with my system if a customer wanted to pay for it, but usually something like this would be a couple hundred a month at least.
Yes, but not quite what the OP said. The Snopes article says “When a user opens such a message, CryptoLocker installs itself on the user’s system, scans the hard drive, and encrypts certain file types, such as images, documents and spreadsheets.”
The articles I read were saying it can even target backups on shared network drives and the like. If I have an automatic wireless backup to an external hard drive, would that be secure or should I be backing up to something that ultimately is totally offline?
A cloud backup is nice because it’s on an external system and therefore isn’t affected by what happens on your local system.
I personally use an external USB drive which I move from machine to machine and keep powered off when not in use. If it is powered off and unplugged when the virus hits, it won’t be bothered either. You’re only at risk if you plug the drive into an infected machine.
A network drive or an external drive that is powered up and running and attached to the machine are both vulnerable to virus attacks.
It’s interesting that the folks at Symantec and Kaspersky strongly suggest that if you get your files locked that you don’t pay. The rationale is that if no one pays up, the cyber-crooks will go out of business.
Are my files worth 300 bucks? Well, there’s probably 300 hundred hours of my time, more I’m sure, in my files and I charge more than a buck an hour. I’d pay.
The virus, when it installs and runs amok, will encrypt a variety of business-like files - MS Office documents and spreadsheets, JPG photos, etc.
The encryption is standard encryption, theoretically unbreakable in a practical timeframe. Have not heard whether paying the ransom works.
The key point is - it encrypts everything it can see as soon as it runs. If you have your USB stick or drive plugged in and running (let’s say it’s the H: drive) then when the virus starts doing its thing, it will encrypt the files on there, too. Hopefully, when you realize your computer is infected, you don’t then plug in your safe backups and allow the virus to also encrypt those.
So that’s the key point - to be safe, your backup must be offline, inaccessible, unmodifiable until you sort out the problem and get rid of the virus. You don’t need a cloud; a USB drive kept unplugged when not backing up works as well, provided you don’t plug it into the infected computer.
The one case I ran across, they had 11 years of business files and no backup. They were trying to find $300 worth of bitcoin to pay the “ransom”, but having trouble locating that on short notice. Some local bank or whatever would only sell them, IIRC, about $50 at a time, once every 24 hours, so they had no way to raise the amount within the 72 hours allotted. Not sure how it ended, but “screwed” comes to mind.
Of course, if the authorities were to find and shut down the central server with the keys there would be no way to decrypt either.
Even cloud backups aren’t necessarily safe. On TWIT this week they pointed out that services that constantly back up in the background could be vulnerable unless they do versioning. Dropbox updates your backup almost as soon as a file changes. That means your cloud backup is probably encrypted as well. They were stressing the value of regular offsite AND offline backups.
One thing that bugs me about the reporting is that it isn’t a virus. It’s a trojan, in this case a .exe file with a name and icon that makes it look like a pdf document if file extensions are hidden. It’s spread by sending it in emails that look like they came from UPS or FedEx.
And KarlGauss, do you really think they’ll unlock your files if you pay? I wouldn’t count on it.
What does paying have to do with getting your files back? Your options are to lose your files, or to lose your files and probably thousands of dollars and your credit rating.
What, don’t tell me you expect the people running these things to be honest, do you?
If you pay they send you the key to decrypt your files. If they didn’t their scam would be over as soon as the word got out. There’s no way for them to take more than you sent them or ruin your credit.
Paying is an option if your files are important to you and yet you’re too stupid to have a backup.
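Added example, not part of any post in this thread: a Python check for the disguise described above, where an emailed .exe attachment is named so that it looks like a PDF when file extensions are hidden. The extension lists, function names and the sample message are constructed for illustration.

```python
from email.message import EmailMessage

# Assumed, non-exhaustive lists chosen for this example.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd"}
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "jpeg", "png", "txt"}


def disguise_reason(filename):
    """Return why a name looks like a disguised executable, or None."""
    # Windows ignores trailing dots and spaces, so normalise them away first.
    name = filename.strip().rstrip(". ").lower()
    parts = name.split(".")
    if len(parts) < 3:
        return None  # fewer than two extensions: nothing is being hidden
    decoy, real = parts[-2], parts[-1]
    if real in EXECUTABLE_EXTS and decoy in DOCUMENT_EXTS:
        return f"displays as .{decoy} with extensions hidden, runs as .{real}"
    return None


def flag_attachments(msg):
    """Return (filename, reason) for each suspicious attachment in a message."""
    flagged = []
    for part in msg.iter_attachments():
        filename = part.get_filename()
        reason = disguise_reason(filename) if filename else None
        if reason:
            flagged.append((filename, reason))
    return flagged


def build_sample_message():
    """Constructed sample: a courier-style notice with two attachments."""
    msg = EmailMessage()
    msg["From"] = "tracking@courier.example"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Your parcel could not be delivered"
    msg.set_content("See the attached label.")
    msg.add_attachment(b"MZ", maintype="application", subtype="octet-stream",
                       filename="Shipping_Label.pdf.exe")
    msg.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf",
                       filename="Terms.pdf")
    return msg


if __name__ == "__main__":
    for name, reason in flag_attachments(build_sample_message()):
        print(f"{name}: {reason}")
```

A plain `setup.exe` is deliberately not flagged here, since the check targets only the hidden-extension disguise; a mail filter would normally block bare executables by a separate rule.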