

US-CERT recommends users and administrators take the following preventative measures to protect their computer networks from a CryptoLocker infection:

- Do not follow unsolicited web links in email.
- Keep your operating system and software up-to-date with the latest patches.
- Maintain up-to-date anti-virus software.
- Conduct routine backups of important files, keeping the backups stored offline.

US-CERT and DHS encourage users and administrators experiencing a ransomware infection to report the incident to the FBI at the Internet Crime Complaint Center (IC3).

While victims are told they have three days to pay the attacker through a third-party payment method (MoneyPak, Bitcoin), some victims have claimed online that they paid the attackers and did not receive the promised decryption key.

Asymmetric encryption is a more secure form of encryption as only one party is aware of the private key, while both sides know the public key. Asymmetric encryption uses two different keys for encrypting and decrypting messages. Victim files are encrypted using asymmetric encryption.

CryptoLocker then connects to the attackers’ command and control (C2) server to deposit the asymmetric private encryption key out of the victim’s reach.
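Why holding only the public half of the key pair does not let a victim recover files, shown as an added illustration that is not part of the US-CERT text. It assumes textbook RSA as a stand-in asymmetric scheme (the alert does not name the algorithm) with deliberately tiny constructed primes; the function names are hypothetical and the toy is not secure.

```python
# Added illustration: textbook RSA with tiny constructed primes (demo only, insecure).
from math import gcd


def make_keypair(p, q, e=17):
    """Return (public, private); each key is an (exponent, modulus) pair."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (e, n), (d, n)


def apply_key(key, blocks):
    """Raise every block to the key's exponent modulo n."""
    exp, n = key
    return [pow(b, exp, n) for b in blocks]


def encrypt(public, data):
    """Encrypt byte by byte; anyone who knows the public key can do this."""
    return apply_key(public, list(data))


def decrypt(key, blocks):
    """Return plaintext bytes, or None when the key produces non-byte values."""
    out = apply_key(key, blocks)
    return bytes(out) if all(v < 256 for v in out) else None


if __name__ == "__main__":
    public, private = make_keypair(61, 53)   # constructed sample primes
    sample = b"report"                       # constructed sample data
    ciphertext = encrypt(public, sample)
    # Only the holder of the private key gets the original bytes back.
    print("private key:", decrypt(private, ciphertext))
    # The public key, which both sides know, does not undo the encryption.
    print("public key :", decrypt(public, ciphertext))
```

With real key sizes the private exponent cannot be derived from the public key in practice, which is why offline backups, not the encrypted files themselves, are the dependable recovery path.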

If one computer on a network becomes infected, mapped network drives could also become infected. The malware has the ability to find and encrypt files located within shared network drives, USB drives, external hard drives, network file shares and even some cloud storage drives.
