Crypto/Ransomware Prevention

Cryptowall and Cryptolocker are ransomware that encrypt your files and demand you pay a hefty ransom to unlock them. This virus strain is costing businesses and countries dearly (Example 1, Example 2, Example 3).

Technology Seed got tired of virus-writing miscreants having the upper hand.

What did we do? We created a means of prevention that goes above and beyond traditional antivirus.

Without getting into the boring details, it works like this:

1. User gets a crypto-virus by some means (i.e. malicious email).
2. The virus starts to encrypt files on the server. User has access to thousands of Accounting files and thousands of other general company files – those files begin to be encrypted
3. However, we run a monitor on the server that looks for the creation of these encrypted files. The monitor runs 24/7.
4. As soon as it detects one of these encrypted files, it shuts down the file shares cold. In an instant, the destructive encryption is stopped without any human intervention. No one called I.T. No one had to wait for IT to login.

This is proactive I.T.

Using our knowledge of how Windows Server works we’re able to stop the encryption before it does real damage.

The procedure isn’t difficult. However, be sure your IT provider/MSP is concentrating on preventing these types of problems, not reacting to them.

Interested in being more proactive about your business IT? Give us a call to learn how we’re a little different.

Kurt Simione is the owner of Technology Seed, LLC (www.TSeed.com).

Original Article: https://www.tseed.com/proactive-cryptowall-prevention/