How to Prevent Crypto Locker

Over the past few weeks I have had more and more customers of Aus Net Servers asking my staff and me how they can prevent crypto locker from stealing their data. So I thought this would be a good subject for our new Friday education session.

 

The simple and easiest answer is you can’t. Crypto locker uses the built-in Windows encryption software to encrypt your files with a 256-bit encryption key. To crack such a key, which is the same as what our banking sector uses, it would take around 250 PlayStation 4s 51 hours. The sad fact is that generally it's too late before you know what has happened.

 

It's all about education and being vigilant online. Every reputable company will always address you by your first and last name and will NEVER address you with “Dear Sir / Madam” or “Hi”.

 

I urge each and every customer of Aus Net Servers Australia to follow these simple steps that make your data crypto locker proof.

 

Your Computer >> External Storage (NAS) >> Portable Storage / Online Backup.

 

Crypto locker can only run off an infected Windows operating system and as such cannot touch data that is not networked off the infected machine. So in short, my scenario above is crypto locker proof.

 

Here is a short explanation: crypto locker can only execute on valid and accessible network shares and your local files. Any data stored on a portable hard disk or in the cloud hanging off your NAS is 100% safe.

 

I have read some horror stories and seen a few people do some pretty drastic things to stop crypto locker on their network. Some of those things include disabling the Windows encryption software completely, others paying the ransom.

 

It's important to back up your data regularly.

 

The truth is, these guys are crooks. Under no circumstances should you pay them. There is no guarantee that they will give you access to your files after you pay them or not lock you out of your data again in a short period of time and demand more money.

It's important and I cannot stress this enough: you must have offline backups of all your files. This means backups of your files that are updated regularly and are not connected to the internet. There are many solutions available and we are more than happy to have a talk to business customers.

 

Crypto locker is a form of malware; it's not a virus, and as such traditional anti-virus suites will not pick it up and remove it. Hardware firewalls generally can scan the attachment signature and in some cases notify the system administrator or remove the attachment from the email.

 

It's paramount that you NEVER open an attachment from anyone you do not know, and if you do get an attachment from someone you know, it’s always a good measure to ask if they sent you that email to make sure it's not being sent without their knowledge.

These criminals will always be one step ahead of us if we do not educate ourselves.

 

Here are some things to look out for:

 

  • Check the spelling and grammar of these emails. Generally they will be very poorly written; however, of late they seem to be copying and pasting the body of emails from legitimate companies
  • Check the sender's email address and make sure it matches who they are claiming to represent
  • (Advanced) Check the email headers to make sure the email was sent from an SMTP server and not PHP Mail, and that the server that processed the mail belongs to the legitimate company in question
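
The header checks in the list above, as an added example (not part of the original post): it parses a constructed message with Python's standard `email` module and flags a sender domain that does not match, PHP-script markers, and a handing-over server outside the claimed company's domain. The sample message, the `.example` hosts and the function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not a real email); every host and address is made up.
SAMPLE = """\
Return-Path: <www-data@web17.cheap-host.example>
Received: from web17.cheap-host.example (web17.cheap-host.example [203.0.113.9])
\tby mx.recipient.example with ESMTP; Fri, 3 Jun 2016 10:02:11 +1000
From: "Energy Billing" <billing@energy-provider.example>
To: customer@recipient.example
Subject: Your bill is ready
X-PHP-Originating-Script: 33:send.php
X-Mailer: PHPMailer 5.2.14

Dear Sir / Madam, your bill is attached.
"""

def domain_of(header_value):
    """Domain part of an address header, lower-cased ('' if missing)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def belongs_to(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)

def header_warnings(raw, claimed_domain):
    """List reasons the headers do not match the company the mail claims to be from."""
    msg = message_from_string(raw)
    warnings = []
    if not belongs_to(domain_of(msg["From"]), claimed_domain):
        warnings.append("From address is not at " + claimed_domain)
    bounce = domain_of(msg["Return-Path"])
    if bounce and not belongs_to(bounce, claimed_domain):
        warnings.append("Return-Path points to " + bounce)
    # PHP's mail() can stamp X-PHP-Originating-Script; PHP libraries often name
    # themselves in X-Mailer.
    if msg["X-PHP-Originating-Script"] or "php" in (msg["X-Mailer"] or "").lower():
        warnings.append("message was generated by a PHP script")
    # Only the topmost Received line was written by your own mail server. Prefer
    # the host it looked up (in parentheses) over the name the sender announced.
    received = msg.get_all("Received") or []
    if received:
        m = re.search(r"from\s+(\S+)(?:\s+\(([\w.-]+)\s)?", received[0])
        host = (m.group(2) or m.group(1)).lower() if m else ""
        if not belongs_to(host, claimed_domain):
            warnings.append("handed over by " + (host or "an unknown server"))
    return warnings
```

Calling `header_warnings(SAMPLE, "energy-provider.example")` returns three warnings for the sample. A warning is a reason to be suspicious rather than proof, since legitimate companies sometimes send through third-party mail services.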

 

Currently I know there are crypto locker viruses from the following sources:

  • AGL
  • Powercore
  • Telstra Online Billing
  • PayPal
  • AustPost

 

If you have any questions or concerns feel free to give us a call on 1300 933 038

 

EOFY Specials

Take advantage of our extended promotion of 50% off our hosting products (Web Hosting, DNS Hosting, Email Hosting and TeamSpeak Hosting packages) until the end of June 2016. Contact us today to see what Aus Net Servers Australia can do for your business.

 


 

 

 

Planned Network Upgrades [Friday 03/06/2016 – 6PM – 9PM]

This is a final advisory about our planned network upgrade due to take place tomorrow (Friday 03/06/2016) between 6PM – 9PM. We expect the following services to be affected by this upgrade:

 

> Web Hosting
> VDS / VPS Servers
> Dedicated Servers
> Stream Hosting
> Teamspeak 3 Hosting Services
> DNS Hosting
> Email Hosting (cPanel Basic Email Hosting & Exchange)
> SIP Trunks + 1300/1800 Numbers

 

The following services WILL NOT be affected:

 

> NBN Internet Services (NBN / Wireless)
> ADSL 2+ Services
> Fibre Services
> Ballarat WiMAX Services

 

Why am I getting this email?
We have identified that you have an active service with us that will be affected by this outage.

 

What is happening in the upgrade?
We are upgrading our fibre backhaul to our datacentre and replacing aging core network hardware, as well as adding more hardware firewalls.


What do I need to do?
Nothing. This is an advisory email, your services will gracefully go down at 6PM and should come back up before 9PM.

 

We urge that you make alternate arrangements for your service should you need to during this period.

 

Please note that during this outage the ANSA Call Centre will be operating in a limited state, and our websites and clustered DNS servers will go down.

 

Should you have any further questions please feel free to get in contact with us before 4PM on 1300 933 038.