The jist of the article is that once this trojan gets downloaded and installed onto your system it encrypts either the whole hard drive or just sections of it (Documents etc) and you have to pay a fee to get it unencrypted. The problem is that even if you reset the system you can’t recover your documents beforehand as they are encrypted meaning you lose all the data stored on that system. That however is not the worst part. Any network drives that are mapped to the infected system are also encrypted!! If you have a central server that shares files across the network potentially this trojan could encrypt all your files.
So what is the best defence against this?
First things first make sure that your antivirus is fully updated and make sure you are running a paid version not free software. The reason I say this is that recently I have seen a lot of viruses getting through free antivirus plus in a business environment you should have a paid antivirus anyway.
Educate your users and make sure they understand the consequences of what might happen and lastly take backups and get them offsite. If you are backing up to another system on the network it could also get encrypted if the worst happens. External hard drives would be a bonus here or alternatively use online storage. Personally I would suggest something like Dropbox and there is one very good reason for this. Dropbox allows you to recover seven versions of any file stored in your account and in this scenario that would be a lifesaver. If your server that is linked to Dropbox did get compromised and the Dropbox folder encrypted you could still recover the files.
Either way make sure you have backups and keep monitoring your systems.
About the Author
Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients in Stirling, Falkirk and Perth.
Follow @Comtech247 on Twitter