
Cryptolocker: UK SMEs warned that vicious ransom Trojan is targeting them

Encryption malware pointed at UK


Large numbers of UK SMEs are being targeted by a major spam campaign pushing the vicious Cryptolocker ransom malware using plausible-looking targeted attachments, the National Crime Agency (NCA) has warned.

In an unusual alert, the NCA’s Cyber Crime Unit (NCCU) said that “tens of millions of UK customers” were in the sights of the latest campaign, which was turning up in inboxes posing as invoices from banks and financial organisations.

After encrypting any data files it finds on local and network-shared drives, this particular campaign demands 2 Bitcoins (£550 at current rates) in ransom for the unlock key. The point is driven home by a countdown timer that demands money by a given date, usually 72 hours later.

"The NCA are actively pursuing organised crime groups committing this type of crime. We are working in cooperation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public," said NCCU deputy head, Lee Miles.

Police were trying to track down the source of the email database being used to target firms, he said, a statement that hints at the disturbing possibility that a compromised database is being used, possibly also to target named individuals. If correct, such targeting would greatly increase the campaign’s effectiveness and make it much harder for ISP and business anti-spam systems to filter out malicious emails.

Firms or individuals caught by Cryptolocker should not pay the ransom, which in any case would be unlikely to deliver the unlock key, Miles added. This seems like good advice; Russian firm Kaspersky Lab has warned that criminals using the malware appeared not to be supplying unlock keys to paying victims.

It’s not clear when this campaign began or even if it’s that new but when it comes to the extraordinary Cryptolocker, a devastatingly effective piece of global malware that dates back no further than August 2013, anything is possible.

Too often, police in many countries have appeared to be behind the threat, reacting to the damage after it has been inflicted. In the space of only a few short weeks, Cryptolocker has become without challenge the malware story of 2013.

Who is behind Cryptolocker is a matter of speculation but the culprits are believed to be an organised crime house with Russian and Ukrainian connections, possibly inspired by criminals that launched the wave of hugely-profitable fake antivirus scams a few years back. It also seems to be connected to banking malware campaigns.

Given that Cryptolocker’s encryption can’t be cracked, there is plenty of advice on how to protect a business or individual PC against the effects of Cryptolocker, starting with the unpleasant fact that even up-to-date antivirus software won’t be enough.

Basic protections include having recent secure and structured backups (not synchronised cloud backups, which could simply make things worse), and even resetting the PC's clock to delay the countdown timer.  Another angle is using software restriction policies.

The most important advice is not to wait for official organisations such as US-CERT and the UK’s NCA to warn of malware; the latest alert is worth paying attention to but is weeks later than it should have been.

UK security expert Graham Cluley has published an excellent summary of Cryptolocker and a link to Bleepingcomputer’s must-read FAQ.

