A new online extortion cyber threat called CryptoLocker could affect anyone who has a computer, and especially people who use Facebook. If you activate the program, a message appears and tells you to pay money or your computer will be locked.

This malware was first released in September of 2013 and it has severely impacted the operations of a number of insurance agencies.  In fact, it has been highlighted in articles published in Chubb’s Risk Conversation and Property Casualty 360 recently.  We know one agency that was hacked by this program a few months ago and the owner is still attempting to recover all of the files.

Dell SecureWorks estimates that up to 250,000 systems were infected globally in the first 100 days of the threat, and many businesses and organizations are unprepared for this threat.  The amount of ransom can be as low as $350 and run into the many thousands of dollars.  Also, there is no guarantee that if you pay the ransom, you will get your files back.
The “ransomware” typically arrives through a link on a social network or an email attachment, often a fake FedEx or UPS tracking notice.

How it works
CrytoLocker infects your computer when you open an attachment or click on a link that contains the malware.  It then encrypts all the files on your hard drive or server and a screen pops up that informs you that you must pay a ransom to have your files unencrypted.  You must pay using untraceable methods such as cash, MoneyPack or bitcoin.

How to prevent an attack
To prevent this malware from infecting your agency, it is highly recommended that you take the following steps:

1)  Back up all of your files daily, preferably at a secure offsite location.  If you use a backup drive, make sure that it is not connected to your computers when not in use.
2)  Install anti-virus and anti-malware software on all of your systems and update the software regularly.
3)  Use a reputable, cloud-based agency management system, as these firms typically have excellent file protection security.
4)  Train your staff not to open attachments from unknown sources, especially .zip files.  Also, have them avoid clicking on links in email messages where they do not know the sender.
5)  Download and run the CryptoPrevent tool on your computers: https://www.foolishit.com/download/cryptoprevent/

CrytoLocker demonstrates the vulnerability of IT systems for small businesses.  Insurance agency principals should take all safeguards possible to protect their client’s data, for the client’s sake and also that of the well-being of their business.