Beware of CryptoLocker!!

  #1  
Old 07-29-2014, 09:59 AM
Computer Corner
TOTV SPONSOR
Join Date: Dec 2012
Location: Leesburg, FLORIDA
Posts: 208

CryptoLocker is a vicious infection that encrypts all, or most, of the data on your computer... A ransom is then set for you to meet, in order to 'supposedly' get the decryption key!

Unfortunately, in 99.99% of the cases, this is just a ploy to get money from you, and you will never get the decryption key!

Sadly, if you get infected with this malware, your files are gone, and there is nothing anyone can do about it.

However, as your local computer specialist serving The Villages, we have written a post on our Technology Blog to help you avoid this terrible infection. We will paste it here, but you can see the original post on our site, if you would like: 11 Ways to protect yourself against CryptoLocker - Central Florida Geek - Computer Repair, Web-Design, Home Theater, iPhone repair, and More!

------------------------------------------------------------------------

Title: 11 WAYS TO PROTECT YOURSELF AGAINST CRYPTOLOCKER
Originally posted here: 11 Ways to protect yourself against CryptoLocker - Central Florida Geek- Computer Repair, Web-Design, Home Theater, iPhone repair, and More!


Cryptolocker and ransomware are the latest tools used by cybercriminals to part us from our hard-earned cash.

The way Cryptolocker works is to encrypt every file on your computer and the only way of unencrypting them is to pay a ransom using bitcoins. At the moment the least you can expect to pay is $300.

One of the scariest things about this infection is that it can encrypt data on Shared drives from other computers!! Imagine, an employee of a company getting this infection on their PC, and it encrypts all the files on the entire network!

What happens if you don't pay?

The ransom is time limited. If you don't pay within the time limit your files will be encrypted forever... supposedly.

Previously the scammers stated that there was no way back after the time limit has passed but they are a little more forgiving now. Oh yes, their generosity is endless. As you failed to pay in time you can still get your files unencrypted but you will need to pay a lot more money in order to do so... supposedly.

I say supposedly, because realistically, you don't want to ever have to deal with these people. You can't trust that the rules won't change and as the payment is in bitcoins you have no recourse for getting your money back should the scammers change their minds. In fact, the chances of them ever actually decrypting your data are slim to none. Basically, it won't happen... don't be fooled.

The following is a list of things you can do to beat Cryptolocker and any other Ransomware kits that undoubtedly are going to be the weapon of choice in 2014.

If you have a swimming pool in your back garden then there are 2 things you can do to stop your children from drowning.

The first thing you can do is build a wall around the swimming pool to stop your kids getting into the pool.

The second thing you can do is teach your kids to swim.

What does this have to do with Cryptolocker you might ask?

Well, you can also do 2 things to beat Cryptolocker. The first thing you can do is stop yourself ever getting Cryptolocker in the first place. The second thing you can do is make sure you have a recovery path should the first thing fail.

I am going to tackle these in reverse order, recovery first and then prevention.
Disaster Recovery

You can employ any or all of the following techniques to save yourself if Cryptolocker or any other ransomware infests your computer.

1. Create a system repair disk
The system repair disk will enable you to get Windows back in a useable state.

Of course Linux users do not have to particularly worry about this. Linux users should be able to download the operating system from the download page of their chosen distro.

Follow this guide for creating a system repair disk for Windows 7.

Follow this guide for creating a system repair disk for Windows 8.

Follow this guide for creating a system repair disk for Windows XP.

2. Create a system image
A system image creates a complete copy of disk partitions and stores them to external media such as USB drives, DVDs or external hard drives.

If Cryptolocker infects your computer you can use the system image to restore the backed up partitions to the state they were in at the point the image was taken.

Using this method obviously relies on you backing up an image regularly.

Personally I would use this in conjunction with other methods in this guide. Maybe take a system image monthly and perform normal file backups as often as required.

Everybody will have different requirements, especially for home use.

Follow this guide to create a system image using Windows 7.

Follow this guide to create a system image using Windows 8.

Follow this guide to create a system image using Windows XP.


3. Perform regular backups - IMPORTANT
If you regularly add files to your system whether it is by creating documents, software development, photography or video capture then you should set up a regular backup routine to copy your files off onto external media.

This is a must! We recommend that every person have a minimum of 3 backups: the first being a local, external drive that you keep at your desk, attached to your computer; a second one that is detached from your computer; and a third that is cloud based (more on this later).

Follow this guide to backup your files using Windows 7.

Follow this guide to backup your files using Windows 8.

Follow this guide to backup your files using Windows XP.

This guide shows a list of backup tools for Linux.

4. Use Clonezilla to create a disk image
Clonezilla is a specialist Linux based operating system that enables you to create a system image of your computer.

It works in a similar way to Norton Ghost used to work and therefore if you get any nasties you should be able to recover to the point in time the last image was taken.

Here is a guide showing how to clone a drive using Clonezilla.

5. Backup your files to Dropbox or Google Drive (the Cloud)
The sudden realisation that all your files have been encrypted and that your children's photos are no longer accessible, your small company accounts folder is locked or your entire music collection has been rendered useless would be a sickening feeling for most people.

Services such as Dropbox enable you to synchronise your files between your computer and an online location.

This sort of service doesn't just protect you against ransomware but it protects you against disk failures, fires and burglaries.

If you do happen to get Cryptolocker then you could use a recovery disk to restore your operating system and simply synchronise back from Dropbox to your own computer.

Dropbox is free for the first 2 GB and you can increase this to 16 GB by referring other people.

You can get 100, 200 and 500 GB starting at $9.99 a month.

Google Drive is an alternative to using Dropbox.

With Google Drive you receive 15 GB of space for free and then a further 100 GB for $4.99 a month.

6. Backup to DVDs, USB and External Hard Drives
When you do something on your computer such as synchronising photos from your digital camera, downloading music or creating documents you should consider whether you can afford to lose those files.

Synchronizing to an external service is a great idea because it can happen automatically.

You should also consider backing up the files yourself to a blank DVD, USB drive or an external hard drive.

DVDs are sold in packs of 50 for under £10. By backing up to different DVDs regularly you lessen the impact of ransomware.

USB drives provide more space for backing up files. They are more expensive than DVDs but can be reused again and again.

External hard drives provide even more space again which is useful for backing up video files.

7. Test your recovery media
There is no point in doing any of the first 8 steps if you aren't going to check that the backup paths you have chosen work.

If you have gone to the effort to create a recovery disk, insert it into the drive and make sure you can boot to it.

If you have backed up to Dropbox or Google sites make sure the files aren't corrupted.

If you have backed up to DVD, USB or external hard drive try and view the files to make sure they work.
Prevention

Having a disaster recovery plan is great. If the worst should happen then you now know that you can get back all of your files and you will have saved yourself £300 (minus the cost of any services or disks that you buy).

Have you ever installed an operating system before? How confident are you that you know how to recover your operating system?

It is very easy for me to sit here and say "just insert the system image and hit restore" but for those of you who are technically challenged this probably makes your palms just as sweaty as the idea of handing your credit card details over to a known bad guy.

If you are technically challenged then you may need to factor in the cost of getting a local computer store to recover your operating system and files.

Therefore the best course of action is prevention.

8. Don't run with elevated privileges
If you are a Windows user make sure you have more than one user account and make sure that the account you use to access the internet is just a standard user account.

The worst that can happen to a standard user is that the files in their own area are affected. You can simply destroy that user account if you so wish.

Running as an administrator is fraught with danger.

The same advice goes to Linux users as well. Don't run as root.

9. Install antivirus software and keep it updated!
Most of the good antivirus service providers will have Cryptolocker in their sights and so you should be protected.

Even if you are a Linux user you should consider installing antivirus software.

Just because there have been few reports of viruses doesn't mean that it can never happen but the main reason to install antivirus software for Linux is so that you can scan any files that you plan to send to your friends, relatives and work colleagues.

That picture of a cute kitten that is harmless on your Ubuntu machine might well be riddled with viruses that destroy your company network after a dozen colleagues open it.

Keep antivirus software up to date

Seriously, there is no point having antivirus software that has out of date virus definitions. It is like having a lock on a door and leaving the window open.

10. Be skeptical
If your bank has anything important they need to tell you then they will never use email to do so.

If you become overdrawn you will receive a letter in the post and you can always check your online bank account.

Most banks provide information via their online bank portals.

If there is anything in that email that just doesn't look right then get rid of it.

This theory works for all major companies and government departments. They don't (or shouldn't) send out anything via email that requires you to follow links or open files.

11. Never pay up
As tempting as it may seem when everything has gone wrong never ever pay the ransom.

By paying the ransom you are encouraging these people to do it again and again and again. Plus, you will never get what you are promised... your files, unfortunately at this point, are gone.

Unfortunately this advice can be hard to take when even a police force thinks it is a good idea to pay.

US police force pay bitcoin ransom in Cryptolocker malware scam | Technology | theguardian.com

-----------------------------------------------------------

Hope this helps everyone out there... We here at CflGeek.com take great joy and pleasure in providing community service, and helping people for free when we can with helpful articles, and by participating in this Forum!

Let us know if we can help you in your situation!
__________________
Computer Repair with Care,
Computer Corner
Local Computer Repair and Service- The Villages, Leesburg, and Lake County Florida
(Office) 352-460-1155
(Store) 205 W. North Blvd (441), Leesburg, Fl. 34748
(Website) http://www.ComputerCornerFL.com
  #2  
Old 07-30-2014, 08:01 AM
JoelJohnson
Veteran member
Join Date: Jun 2012
Location: Lady Lake, FL
Posts: 881

Buy a Chromebook and never worry about a virus again. Operating system is always up-to-date, virus protection is automatic.
Yes it needs an internet connection, but when was the last time you used your computer without one?
I've been a programmer since 1969 (not a mistype), I use a Chromebook for 99.9% of my computing needs.