Today a client turned up with the CryptoWall 3.0 virus on their computer.

Computer viruses are real, and this is a timely reminder of the steps we should all have in place to safeguard against the attempts of others to interfere with our setup.

It’s a necessary reality and in many ways an excellent way of ensuring we treat our data with the care and attention it deserves – or not.

So, what to do:
- Mitigate (guard against intrusion and vulnerability),
- Minimise (reduce spread of infection and damage),
- Eliminate (root it out and return to normal service).
Sounds easy, right? It should be, if we have measures in place for each step.

So you suspect you’ve been infected, and in the case of CryptoWall 3.0 the pop-up notice is pretty obvious. The first thing is to STOP. Stop what you are doing and disconnect from the internet – physically. Unplug your network cable or turn off your WiFi – physically.

Now breathe. Next, leave everything as it is. Leave files open and your computer in the state it was in when you suspected it was infected.

Where is your backup routine at? If it’s in progress, stop and disconnect it (assuming it is physically separate from your computer, and it is, right?).

Check your antivirus software and ask it to do a complete scan of your computer. Leave it to do its thing while you document what you were doing, before enlisting expert help.

Okay, the reality is that many of us don’t know if we have any antivirus protection (or think we do but aren’t sure) and don’t really have any backups to speak of. Well, that’s just reality, and you’re being served a reminder that you probably knew was coming.

CryptoWall 3.0 is nasty, and so it should be. Virus writers are out to wreak havoc – it’s not their intent to leave you unscathed. Expecting otherwise is like having a massive car accident and expecting all the damage to be restored with some paint polish.

Your computer expert will probably install some additional utilities designed to directly root this bug out and quarantine the damaged files. That’s after your own antivirus software has done its utmost to minimize damage or eliminate the bug.

Ignore the pleas for money to receive the key to retrieve your data – it’s not a guarantee and more a possibility than probability. Their intention was to cause damage and leave you feeling vulnerable to the point you will pay the ransom, while they move on. Oh, they’ve already moved on, many many many times.

So, there are two lessons this client is wishing they’d heeded earlier:
- Back up your data – regularly – ideally to more than one location.
- Ensure your antivirus protection is up-to-date.
As things stand, it will cost them significantly more to clean this up than the hardware and software that would have protected them initially. A bit like insurance; actually a lot like insurance.

As for eliminating CryptoWall 3.0, it is cunning, and in some instances you’d be better off starting afresh. Again, a backup of your computer will minimize downtime, but you have to weigh up the downtime and cost to productivity. The more you leave yourself exposed (either deliberately by rolling the dice or through ignorance), the greater the cost – financially.

Is it worth the risk?