Protecting your Computer from Ransom-ware

There is a new type of computer malware spreading on the internet: it’s called “ransom-ware”. This malicious program infects your computer, like a computer virus, but it also encrypts all your files! Then it demands payment (via Bitcoin) in order decrypt your files. In other words, it holds your computer files for ransom, quite literally. The most common version of this type of malware is called “CryptoLocker”.

Computer security author Brian Krebs summarizes the problem:

Over the past several weeks, a handful of frantic Microsoft Windows users have written in to ask what they might do to recover from PC infections from “CryptoLocker,” the generic name for an increasingly prevalent and nasty strain of malicious software that encrypts your files until you pay a ransom.

The trouble with CryptoLocker is not so much in removing the malware — that process appears to be surprisingly trivial in most cases. The real bummer is that all of your important files — pictures, documents, movies, MP3s — will remain scrambled with virtually unbreakable encryption unless and until you pay the ransom demand, which can range from $100 to $300…. (Krebs on Security)

Actually, in recent weeks, CryptoLocker has upped the ransom demand to well over $300. In fact, a recent news story reported that a Massachusetts town police department had their computers infected by CryptoLocker. They paid the ransom of about $750 in Bitcoins. Here’s all the details on that story.

What can you do to protect yourself from this threat? First, make sure you backup all your files. I use Shadow Protect to make a full backup of everything on my hard drive. In the past, I’ve been able to completely restore a crashed computer in that way. I also keep a separate backup on USB drive of my most recent and most important files. So the full backup is repeated every once in a while (weekly or monthly) and the backup of current working files is done more frequently.

Will antivirus software protect your computer from CryptoLocker? Perhaps not. Even if an antivirus program can remove the infection, the files are still encrypted. However, there is a small free program that specifically protects against CryptoLocker, called “CryptoPrevent”

“CryptoPrevent is a tiny utility to lock down any Windows OS (XP, Vista, 7, 8, and 8.1) to prevent infection by the Cryptolocker malware or ‘ransomware’, which encrypts personal files and then offers decryption for a paid ransom.”

“Incidentally, due to the way that CryptoPrevent works, it actually protects against a wide variety of malware, not just Cryptolocker!” (CryptoPrevent)

I installed CryptoPrevent on all the computers in my home. Get the FREE version of CryptoPrevent here. Scroll down to the big blue “Download CryptoPrevent Installer” button, click it and download and install the software. (I use the paid version, which offers automatic updates. But the free version should work just fine.)

– Thoreau

2 Responses to Protecting your Computer from Ransom-ware

  1. What’s a bitcoin? No matter I have good backups. What irritates me about malware is the less then active effort to find and punish the perps. Or for that matter the weak effort on the part of the computer software companies to make the systems more robust.