How to avoid a CryptoLocker attack

Technical Support Analyst

Fav thing about the office

The banter

As a child I wanted to be a ... when I grew up

Racing Driver

Guilty Pleasure(s)

McDonalds Breakfast

Favourite Holiday

Riviera Maya, Mexico

If I had a superpower it would be...

Invisibility

Describe yourself in three words or less

Friendly, Fun, Honest

An interesting fact about me

I’m Head Coach at Lancaster Canoe Club

Likes

Formula One, Kayaking, Food, Wine

Favourite Band

Sigala/Clean Bandit

Karaoke Jam

Anything by the Beatles

What I do at Q2Q:

My role is – Technical Support Analyst

I work with our customers to resolve their problems on a wide range of IT Hardware and Software and make sure they can get back to work as quickly as possible. I provide assistance both on the phone and remotely, but I also regularly get out to client sites.

Background and Achievements

20 years in IT, with a mix of experience including Support, Service Management and Wireless Networking.

Hobbies and Interests

Big follower of Formula One.

I have been Kayaking and Canoeing now for nearly 8 years and have achieved Both Level One and now Level Two coaching qualifications.

I was recently made Head Coach at the local Canoe club and get to work with a team of coaches delivering British Canoeing courses to our members.

Very much a foodie, and enjoy a nice glass of Red.

Given that between 60% and 90% of organisations fail after a security breach or data loss – and with plenty in the news about CryptoLocker attacks and GDPR fines – it’s never been more important for SME owners to make sure sensitive company data is stored somewhere safe.

By protecting your data, you’ll not only minimise the level of damage if you were to become the victim of a cyber-attack, but also enable rapid recovery in the event of a power outage or natural disaster, for example.

Not all back-up solutions are made equal

If you are storing a large amount of data, it’s vital that you are taking adequate precautions to keep the information safe – in order to do so, it’s important to know which product is right for you and your business.

One option is to choose a system to which the storage media that the back-ups are saved on, is continuously connected. Known commonly as replication, this method is probably the easiest – and quickest – solution to restore your systems in times of a crisis. This technique also reduces the amount of data altered between back-up windows.

However, it’s worth mentioning that it’s also the most susceptible to a cyber-attack. Why? If your server or PC becomes infected and the back-up media is uninterruptedly attached to the same machine, there’s a simple path for the crypto to pass through, meaning your back-up data itself can easily be compromised.

How do I protect myself from a cyber-attack?

A correctly configured programme will take a snapshot of your system at a set time each day, and send the information directly on to tape, cloud or disconnected storage. Whilst restoring from this type of back-up can be slower, the safety blanket it provides is invaluable – as it’s impossible to be compromised by a CryptoLocker attack.

If you’re worried whether your current back-up solution is CryptoLocker safe, our team of highly-skilled IT experts at Q2Q can offer help and advice, as well as state-of-the-art back-up and replication services which can be tailored to you and your business. We’ve included below our top tips for keeping your data safe.

1.      Use third-party anti-spam scanning to reduce email threats

2.      Be vigilant with unknown emails or suspicious documents on USB sticks

3.      Never download attachments from unknown senders or sources

4.      All machines should be running up to date Anti-Virus

5.      Backup data should be stored outside of the server, such as on removable drives or the cloud

6.      Have a documented disaster recovery process in place to help speed up recovery if the worst does happen

7.      Test the backups to ensure they work – and you know how long it will take to recover your files

8.      Where possible, restrict remote access to specific staff during set hours

9.      Shared folders should have tightened permissions

10.   Remove or disable any old user accounts

How to avoid a CryptoLocker attack