Don’t Let Your Data Get “Taken”: Avoid Cryptowall

Written by Joe Kozlowicz on Tuesday, March 10th 2015 — Categories: Security

As much as we like to compare ourselves to Liam Neeson, our particular set of skills won’t be able to help you avoid a hefty ransom if you fall victim to Cryptowall.

Cryptowall programs are usually hidden in e-mail attachments or in web links in shiftier corners of the web. They download and install a malicious program that completely locks down your computer system and all access to data. Without a backup stored outside your computer, you will have to pay a ransom—usually in Bitcoin, which can be a hassle to obtain—in order for the hacker behind your plight to grant access to your files and apps.

Unfortunately, we can’t go all Taken and track down and take out the perpetrators. Bitcoin is impossible to track as it is anonymous, and the e-mails are often relayed through masking methods. The best we can do is tell you a country of origin (Russia, mostly).

We’ve had a number of our managed service customers affected by Cryptowall attacks recently. While our data centers remain secure, your offsite systems can easily fall victim to encryption attacks without some common sense precautions. Luckily, you can prevent the majority of these attacks with a little staff training. Here’s how to avoid Cryptowall and other encryption hacks.

Use antivirus and antimalware tools – and update them

This is pretty simple. Install and regularly update an antivirus tool that is capable of active scanning. These can catch a crypto Trojan before it does its damage.

Back up regularly

You can do this locally on an external hard drive, or get set up with a cloud backup solution. That’s not just a sales pitch—if your data isn’t released from a Cryptowall attack even after paying the ransom, you’re going to be awfully upset you didn’t have a backup.

Surf the web (and access e-mail) safely

Don’t visit sketchy websites on your work computers, or any device that you don’t want to get infected. Do not click links or attachments in strange, unsolicited e-mails. That bears repeating. Practice safe e-mail and do NOT open attachments that are unexpected, from an unfamiliar address, or appear to look like a bank statement or incoming fax if you do not receive those types of e-mails regularly.

Turn on ad-block / anti-spam filters and turn off Flash

Your web browser, e-mail client, and antivirus should have the ability to block certain advertisements, helping to avoid malware disguised as web ads. Those ads are usually Flash based, so disabling or uninstalling Flash is a wise decision.

Configure Windows group policies to stop software execution

If you have the knowledge, you can set up registry objects in Windows Professional or Windows Server to block executables in locations likely to harbor Trojans. Software Restriction Policies are found in the Local Security Policy Editor, and you add them under Additional Rules.
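
To confirm that the rules you added under Additional Rules actually reached the machine, the following read-only PowerShell audit (an added example, not part of the original article) lists the Disallowed path rules from the registry and flags uncovered locations. The `$expected` list of user-writable locations is an assumption for illustration; the article does not name specific paths.

```powershell
# Added example: read-only audit of Software Restriction Policy (SRP) path rules.
# Run in an elevated PowerShell session. Nothing is written to the registry.
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'

# Assumed user-writable locations to cover; edit for your environment.
$expected = @(
    '%AppData%\*.exe',
    '%AppData%\*\*.exe',
    '%LocalAppData%\*.exe',
    '%LocalAppData%\*\*.exe',
    '%Temp%\*.exe'
)

if (-not (Test-Path $base)) {
    Write-Warning 'No Software Restriction Policy is configured on this machine.'
    return
}

# Policy-wide settings. DefaultLevel 0x40000 = Unrestricted, 0 = Disallowed.
$policy = Get-ItemProperty -Path $base
'DefaultLevel       : 0x{0:X}' -f $policy.DefaultLevel
'TransparentEnabled : {0}' -f $policy.TransparentEnabled   # 0 = off, 1 = all but DLLs, 2 = all files
'PolicyScope        : {0}' -f $policy.PolicyScope          # 0 = all users, 1 = all except admins

# Disallowed path rules live under ...\0\Paths\{GUID}. Read ItemData without
# expanding %variables% so it compares against the rule text as it was entered.
$rules = @()
$rulePath = Join-Path $base '0\Paths'
if (Test-Path $rulePath) {
    $rules = @(Get-ChildItem -Path $rulePath | ForEach-Object {
        [pscustomobject]@{
            Path        = $_.GetValue('ItemData', $null, 'DoNotExpandEnvironmentNames')
            Description = $_.GetValue('Description')
        }
    })
}
$rules | Format-Table -AutoSize | Out-String

# Report expected locations with no matching Disallowed rule (case-insensitive).
$missing = @($expected | Where-Object { $rules.Path -notcontains $_ })
if ($missing.Count -gt 0) {
    $missing | ForEach-Object { Write-Warning "No Disallowed rule for $_" }
} else {
    'All expected locations have a Disallowed path rule.'
}
```

Some legitimate applications install per-user under `%LocalAppData%`, so test new Disallowed rules on one machine before rolling them out more widely.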


Taking advantage of these simple tips can help you reduce exposure to malware in general, and hopefully avoid a Cryptowall infection.