PB4 Technical Support Bulletin – Ransomware/Backup

CryptoLocker is ransomware, a type of computer software malware, first spotted in September 2013. It targets computers running a Microsoft Windows operating system which can only be reversed upon making a payment. CryptoLocker attacks a computer by encrypting many types of data files in place, which makes them inaccessible, then displaying a message demanding payment (typically of US$100 or $300). This ransomware is usually received in an email or a file attachment.

Here is a list of file extensions that Cryptolocker encrypts

3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odc, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pdf, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, sr2, srf, srw, tif, wb2, wpd, wps, x3f, xlk, xls, xlsb, xlsm, and xlsx

Example of what the email may look like

Prevention

Ensure that your workstations and servers have an up to date Anti-Virus software, as well as performing Windows Updates on a regular basis, do NOT open emails from unknown sources that have file attachments, and run a FULL anti-virus scan on your computers and servers. There are also third party softwares like Malwarebytes Free that can find the virus once it’s attacked but can’t fix the file, but will only quarantine them. Malwarebytes boast that if you purchase the PRO version, the real time scan will catch it before it spreads, but as these ransomware developers change the package it’s delivered in, it may be too late and you get hit by the next string of the virus.

Solution

Ensure that you have a series/library of FULL daily backups of your \BRO folder. This would be a good time ( the best time ) to review your backup methods just in case you get hit with this virus and before it’s too late.

Talk to your local tech about setting up and/or reviewing your backup. Or if you would like to learn more, this next link brings you to an 11 minute movie that talks about backing up your Power Broker software and it gives you a way to download the FREE Cobian Backup software if you don’t already have a backup method in place, or if you wanted to upgrade to an automated and tested method.

For more information, watch this video.