November 21, 2013
By Roger Thompson

One of my friends recently received an alert from her sheriff’s office, warning her about something called Cryptolocker. The language in the alert was quite alarming, and she wanted my opinion.

I told her that Cryptolocker was indeed real and is the criminal’s monetization scheme-du-jour. While it is a real pain if you got nailed by it, basic security practices would keep you perfectly safe.

I enumerated those practices for her, and, although we were communicating by typing in a chat program, I could almost hear her smile as she said, “That’s the same advice from twenty years ago.” I realized she was right.

Now obviously, a lot of people haven’t heard that advice because the criminals are clearly making money with things like Cryptolocker, so I’ll present them again:

  1. Keep patched. Not just Microsoft, but also Adobe and Java. Patch them. Often.
  2. Install an antivirus program and keep it up to date. Preferably an ICSA Labs certified product.
  3. Don’t open attachments from an unknown source. The widow of an African General has not decided to leave you $20,000,000, and you have not won some European Lottery, especially one in which you have not bought a ticket, and neither Bill Gates nor Mark Zuckerberg is intending to send you $1000, no matter how many ‘likes’ he gets. Oh, and the ‘NACHA Bank Transfer’ did not fail.
  4. Create a user-level account for day to day work and use that one all the time. You only need to log in as administrator when you want to patch or update. This single step protects against most malware all by itself. That’s because most malware cannot install without administrator privileges.
  5. Invest in some form of automatic backup, whether it’s cloud-based, or local, the key is that it has to be automatic. This way, if disaster does strike, whether it’s a crashed hard drive or a new version of Cryptolocker, you’ll be inconvenienced rather than devastated.

That’s it folks. Five easy steps and you’re pretty safe from things like Cryptolocker.

It won’t save you from things like state-level/ enterprise-built malware, but most people are not a target for that anyway.

Paraphrasing a clever fellow named Solomon, “There is nothing new under the sun.
“Well, not much anyway.”
“Just more of the same.”


Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

This question is for testing whether you are a human visitor to prevent automated spam submissions.
Enter the characters shown in the image.