Cryptolocker: MSP best practices for keeping clients’ data safe

Posted by Josh Berkowitz-Geller on Nov 26, 2013 3:30:00 PM

By Josh Berkowitz-Geller, Technical Support Engineer

By now you’ve probably heard about cryptolocker, the latest strand of ransomware that locks your files up with a powerful encryption key and holds them hostage until you pay hundreds of dollars. The malware mostly targets small business files, according to Cisco, which means there’s a chance you as an MSP might be asked to come to your clients’ rescue.

So how do you keep your clients safe? Unless you want to pay the ransom (lucky you, the crypto folks now accept late payment!), experts say clean data backups are really the most effective way to get your files back. We agree, and we wanted to offer a few best practices you can put in use to stay malware-free.

Back up, and back up often

In Technical Support, we hear occasionally from partners who decide to drop the frequency of their backups. This is a risky practice under normal circumstances, because it means you might not have an old version of a file when you desperately need it. But with cryptolocker out there, it becomes an even bigger risk.cryptolocker warning message

That’s because research has revealed that the malware can potentially scramble the contents of a file rather than the file itself. As a result, the fewer versions of a file you have saved, the less time you have to find out if your client has been hit by the virus.

We always recommend more revisions, and now more than ever.  The Intronis cloud backup solution makes it economical to store an unlimited number of revisions with our Intelliblox change block tracking technology, which backs up only the blocks of data that have been most recently updated. If you’re backing up with Intronis, you have a better chance to retrieve an uncorrupted version of your client’s file, and you reduce the huge financial risk of losing crucial data.

Educate your end users

Cryptolocker can only infect your clients’ computers if they let it, and many businesses have been duped by social engineering. Victims are most commonly targeted via email attachments, and if downloaded, a malware installer uses a number of clever workarounds to ensure your files are wrapped up in encryption and out of reach.

Naturally, MSPs need to warn their customers to avoid suspicious emails and attachments, as an effective data protection strategy includes both mitigation and remediation like cloud backup.  Unfortunately, this type of mitigation isn’t 100 percent effective, and even if you’re using enterprise-level antivirus solutions, it’s important to have strong remediation tools in place to resolve an infection.

Not every MSP invests in remediation the way they should, as the results of our new cloud backup study will tell you. In fact, a big reason why some solution providers reduce their frequency of backups is to manage short-term costs. But when you think of backup cost, be sure to weigh the likelihood of a disaster and the cost of rebuilding from a disaster against whatever you’re paying.

Simple math will tell you that if it costs more to rebuild than it would to protect up your data, you’re losing money in the end. So play it safe and run a backup – as often as you can.

Subscribe to the Intronis Cloud Backup and Recovery blog

Topics: Malware

Which Data Loss Gremlin Is Targeting You
MSP Health Check
MSP Phishing Quiz
Intronis Local Lunches
MSP Marketing Assessment