Skip to main content

CryptoLocker protection


More and more people are getting caught by CryptoLocker, malware that encrypts your files and then asks you for a ransom to get them back. As paying a few hundred quid; compared to losing years of important business data or valuable family photos is less frightening, 40% of the affected users will pay the ransom.

1. What is it?

CryptoLocker is a fairly recent piece of malware that encrypts some (or all) of your files and keeps them encrypted until you pay a ransom. Once you've been attacked, you will no longer be able to open your files and documents. This includes Word docs, Excel spreadsheets, PDFs, PowerPoint files and many more. 

There are lots of ways to prevent your files from being affected, but if you are affected the only ways to recover is to pay the ransom or restore from a good backup. Up to date anti-virus is a must but it might not stop CryptoLocker as the criminals behind it actively work to change it so that it is not detected.

2. How does it affect your computers?

CryptoLocker is malware and also a Virus. Malware is a piece of unwanted code a user has to trigger, a virus is a piece of undesirable code that installs itself on your systems without anyone triggering it. The main way CryptoLocker is installed is through malware.

How does a user trigger malware?

One of the most common ways is via email. You receive an email from an unknown source (or even known source sometimes) asking you to download and install a file (usually .exe or .zip files). Opening the attached files launches the attack, finding and encrypting all the files you have access to, including external and networked drives. Having a cloud based mail filtering solution can dramatically reduce the number of bad emails.

Another trick CryptoLocker uses to make users trigger the malware is by asking them to download and install a video driver or codec file. It seems legit, and that's why many people get caught.

How does it install itself without any input?

You browse a malicious website that exploits an out-of-date version of Java that allows the malware to be installed; or one of the adverts displayed across a number of sites has been updated to exploit older versions of Adobe Flash.

3. How to avoid it

  1. Ensure you are using a up to date anti-virus product. The anti-virus vendors will catch up to this issue and continue to protect you from other viruses.
  2. Implement cloud based email filtering as these systems will scan emails with 2 or 3 different sets of anti-virus as well as blocking known bad senders and emails that look a certain way.
  3. Be certain that any device added to your network has appropriate controls in place and is trusted.
  4. Don't download and install software from unknown sources.
  5. Be suspicious of emails, their links and attachments. If you weren't expecting the email, be very careful.
  6. Make sure you have a good backup that is NOT immediately accessible by computers on your network

CryptoLocker uses your own fear, uncertainty and doubt to trick you into installing it. If in any doubt, consult your IT support team immediately and they will guide you.

4. What to do

According to geek, about 40 percent of CryptoLocker victims pay the ransom that is asked. Do not pay the ransom! Paying the ransom encourages the creators of CryptoLocker to continue as they are getting paid for their actions.

It is paramount to setup regular backups of your files and systems. If you get attacked by CryptoLocker, restoring the files from a backup is currently the only way to get you up and running again.

Remember that in the case of CryptoLocker your best defence is prevention, so NEVER download unknown files or documents, keep Java and Flash up-to-date and keep regular backups of your files and systems.

If you think you may be a victim of CryptoLocker or want to setup backups, update your anti-virus and implement a cloud based email filtering tool, please get in touch with Transcendit's team of engineers on 0191 482 0444 or use our contact form.

The Transcendit Way

Transcendit understand that when you choose to work with us, whether we're taking care of your IT, app or web development, you're trusting us with part of your business. So whether we're looking after your computers, phone systems or servers we always do things 'the Transcendit way'.

The whole of our team adhere to the same values, beliefs and policies - the principles that were written when Transcendit first formed in 2000. Whether you come to us for cloud services or recovery backup you can be confident that you'll always receive the same excellent service.

The Transcendit way outlines how we do business; following the same straightforward principles with every client and customer, regardless of how big or small they may be.

That means we get to know you and your business. We offer you a friendly, professional and efficient service, and we'll always be honest with you.
We understand that not everybody speaks fluent IT, so we try to explain things in a way that is simple and clear. We always spend as much time as is necessary explaining things to you.
If you need to talk to us about something, no matter how insignificant, we are only ever a phone call away – and we’re never too busy to make you a cup of tea and have a sit down with you in person.
We understand how frustrating it can be when things are late. When we schedule an appointment with you, we are there when you’re expecting us. If something prevents us from getting there, we always call you in advance to let you know.
Sometimes things can go wrong, but we never lie to you or try to cover something up. If things go askew we tell you what’s happened and how we plan to prevent it affecting your business.
We want you to continuously benefit from working with us. We regularly discuss your business and make suggestions for improving systems and processes wherever we can – but we never try to push you into a purchase.
When we quote a fixed price, that's always the amount we charge – you won’t find any nasty surprises on a bill from us. If you are paying by time and materials, we inform you if our approximations could change.
We understand the importance of privacy for your business and your customers. We respect the confidentiality of your data, and we will never pass on your information to third parties.
We appreciate it when you take the time to give us feedback. A system called CustomerSure records our client's responses, so you can trust that our reviews are from real people.
Find out what they're saying here.
Another rescue from the fantastic team at Transcendit! Thanks David W! Results Communications Ltd

Based on 11207 reviews our customers rate us 9.8/10. Reviews and ratings by Customersure. 17-January-2024

Transcendit are proud sponsors of CHUF, the Children's Heart Unit Fund.

Transcendit is a Living Wage employer
Transcendit is a Microsoft Gold certified partner
VMWARE partner
Vipre partner
IPCortex partner
WithSecure partner
DELL partner
Barracuda partner
Veeam partner
N-Able partner