Readers of my previous articles will recall that I am a passionate proponent of backup and disaster recovery systems for any business of any size. I have preached the gospel of having multiple copies of your stuff in multiple locations since I can remember, and especially since the time that I didn’t follow my own advice and had to spend $1750 to get my data recovered from a crashed hard drive. I paid the price, not only in dollars, but in professional embarrassment.
But at least I was able to get my stuff back, even if it was painful.
I set things up so that all my files were copied periodically to the external hard drives I bought. Never again since that happened (over 15 years ago) have I had another hard drive crash, though I learned my lesson and obsessively back everything up now.
But so many people I come into contact with still have the same false sense of security that I once did, and it’s crucial to get on the backup bandwagon RIGHT NOW, because there’s a relatively new threat in town that can literally destroy your business with a single click.
I am talking about something called the Cryptolocker virus. There are other variants, (and “improved versions”) such as CryptoWall, CryptoDefense, CryptoBit, and others. These menaces all do the same thing: they encrypt data files on your PC, and also on shared folders on your server, and potentially even on other PC’s on your network. (The exact mechanism by which this is done is beyond the scope of this article).
It will also encrypt files on your external backup drives, your thumb drive, or any other type of external storage attached to your PC.
The virus uses military-grade encryption, and if you don’t get the decryption key (a very long string of seemingly random letters and numbers) you can never, ever open your files again. Period – game over.
How does one acquire the decrypt key? The virus will pop up a screen that will instruct you to go to a website on a secret server, where you’ll be required to pay a ransom of anywhere from $300 to $5000. Once the ransom is paid, the bad guys “promise” to send you a decryption key to get your files back into usable shape. All authorities on this subject strongly advise against sending any money to these criminals, because there is no guarantee you’ll get a decryption key, and (depending on how you have to send payment) you open yourself up to a risk of identity theft by the same folks that are holding your files hostage.
Let me make this point as clearly as I can: while you can easily remove the virus from your PC, you can never, ever decrypt the files without that key. And even if you pay the ransom you may never get that key.
I have one client that opened an email attachment that happened to be the CryptoLocker virus. In a matter of moments, it encrypted all the files on his computer, and also encrypted all of the files on his server. These files had accumulated for over 17 years, and they would have been put completely out of business without them. The only thing that saved them was a backup system in place that backed up their files on an hourly basis. We were able to overwrite the encrypted files with good copies from their backup system.
So what is the gist of this article, and how does it pertain to you? In the good old days, we only had to contend with hard drive crashes (somewhat rare), natural disasters (more rare), or malicious employees (still rare, but less so) to account for deleted or otherwise unusable files. It was easy to suppose that these things would never happen to us, that the risk was acceptable, and that backup was something we’d get to one day. It is critical, however, to get our collective heads out of the proverbial sand. If you don’t have the right kind of backup system in place, and if you don’t have your backup files stored the right way, you are literally one mouse click away from someone innocently opening an email attachment, rendering all your business files encrypted and unusable, thereby giving you (according to statistics about business that have had significant data loss) a 95 ercent chance of going out of business forever.
James Gentry is the president of Atlantic Data Team, a central-Florida-based business IT company. For more information go to www.atlanticdatateam.com.