Cryptolocker

Stopping Cryptolocker variants with Mimecast

How to prevent a Cryptolocker attack.

Cryptolocker is a ransomware virus that encrypts files on an infected computer and demands payment for key to decrypt the files. The original Cryptolocker virus first appeared in 2013 and was permanently neutralized in May 2014, but variations of Cryptolocker ransomware -- some using the Cryptolocker name – continue to plague individuals and organizations today.

In a Cryptolocker attack, the virus arrives at a computer via an email or spam message that contains a weaponized attachments or links to a malicious website. The attachment may resemble an invoice, shipping notice, fax report or Office document. When the attachment is opened, the Cryptolocker virus encrypts a large number of files – presentations, spreadsheets, Word docs, PDFs, images and many others. Users then see a message informing them the files have been encrypted and instructing them how to pay the ransom to get the decryption code.

Cryptolocker prevention requires awareness among users and powerful anti ransomware technology that can prevent users from clicking on malicious links or opening malicious attachments. And when those measures fail to block ransomware like Cryptolocker, having robust backup and recovery tools can mitigate the damage caused by an attack.

Stopping Cryptolocker variants with Mimecast.

Mimecast provides state-of-the-art protection against Cryptolocker attacks and other advanced threats. As an all-in-one, cloud-based subscription service, Mimecast offers tools for email security, archiving and continuity that reduce the risk and cost of managing business email.

To protect against ransomware, Mimecast email security services scan all incoming and archived email and block access to suspicious URLs and attachments. Mimecast scans the destination websites of every link on every click, blocking access to any website that may be malicious. Mimecast also scans the contents of attachments and either sandboxes them preemptively or rewrites them to a safe format so users can access them immediately. Mimecast also provides tools and training that empower end-users to identify and mitigate attacks like Cryptolocker, phishing, spear-phishing, impersonation fraud and other sophisticated threats.

Minimize the damage of a Cryptolocker attack.

When your users and security defenses fail to detect ransomware, Mimecast helps to mitigate the impact of an attack by providing access to copies of files and emails stored in an off-site archive. By keeping multiple copies of files in Mimecast's cloud archive, administrators can easily recover after a Cryptolocker attack, quickly restoring access to users' email and files without disruption to business.

Learn more about preventing Cryptolocker attacks with Mimecast.