Another Cryptolocker virus victim. Do you have a backup? Are you *sure*?

I’ve written a number of times on the Cryptolocker virus but just got a call from a client who walked into her office this morning to find that all of her files had been encrypted and she had no backup.  I know that folks are busy and I know that backups can slip to the last thing on your mind very easily, but I can’t stress enough that, if you get nailed with this thing, your *only* options to get your data are a) restore from backup or b) pay up (in this case, it’s a $400 ransom).  If you don’t have a backup, you’re left with a single option (pay up).

Readership on the out-of-band emails that we send is generally very low, so I will keep this short.

  • Be vigilant about updates.  At the very least, Microsoft, Adobe and Java.
  • Be vigilant about virus protection.  We recommend ESET NOD32.  I am also a fan of F-Prot.  The free products (Microsoft Security Essentials, AVG Free, Avast, etc.) are better than nothing but they’re just not keeping up.
  • Be vigilant about backups.  We use CrashPlan and have been very pleased.  We have a number of clients that are using Carbonite and have had good luck with it, but we have been more impressed with CrashPlan (especially in an actual disaster scenario).  The important thing is to have backups that are versioned (i.e., you don’t just have the very last version of the file, but the last couple of versions, so that you don’t only have a backup of the infected version) and disconnected (i.e., if your only backup destination remains connected to your server, it’s very possible that your backup will get encrypted along with everything else).