Protecting Your Office from Cryptolocker

We wanted to follow up on our previous message and blog post about the Cryptolocker malware. This malware, and the other variants that are sure to follow, present a great risk to businesses. While no one can provide a 100% guarantee that a user will not download this malware at work or at home, Hilltop has identified the best available solutions to mitigate the risks of data loss, downtime, and decreased productivity for your business. Keep in mind that users who connect over a VPN and have access to shared data through a network drive can cause damage to that data on your network.

Your Firewall:

Hilltop recommends that our clients have a current version of Sonicwall firewall with Comprehensive Gateway Security (CGSS). For most of our clients, the Sonicwall TZ215 or NSA series firewalls are appropriate. If your business has an older model of Sonicwall, or another solution, we strongly recommend replacing the firewall before the end of 2013. We recommend purchasing the 3-year CGSS option with the new firewall. CGSS inspects all inbound and outbound Internet traffic and can block malware before it reaches your computers.


All Hilltop-managed computers should already have our managed antivirus installed. As soon as new updates are available from the antivirus vendor, we deploy them. Just keep in mind that the criminals who create malware are always figuring out new and creative ways to get past your antivirus software. They have proven themselves to be very good at this.

If your office uses Microsoft Exchange, we recommend the Reflexion Total Control Email Security System. Total Control filters out the known variants of Cryptolocker when they are sent via email.

Server Backups:

Hilltop recommends the Datto Backup and Disaster Recovery Service (BDR) for all clients that have on-premise servers. In the event that Cryptolocker runs on your network and holds your data ransom, we can restore all data, programs, and settings for your server in less than an hour. A Backup and Disaster Recovery type of backup solution is the only way to quickly restore a server in the event of a disaster. Backups that use tape, USB hard drives, or simple cloud backups of data files (Mozy Pro, Carbonite, or Jungledisk) will not allow us to restore your server to full functionality anywhere near as quickly as a Backup Recovery Device (BDR).

Cloud Storage:

If you do not have an on-premise server and only use cloud storage, Hilltop recommends Dropbox for Teams. We have verified that data that gets encrypted and held ransom by the Cryptolocker criminals can be restored using Dropbox, as long as the data was being backed up by Dropbox. Dropbox does not back up or restore the programs on your computer, only data. There are other options for full image backups of computers if needed.

Home Computers:

While Hilltop is not managing your home computers, we still don't want to see you lose your personal data, such as pictures, financial records, and music. If you don't already have a backup system in place for your home computer, consider installing the free 2GB version of Dropbox at home. It is really easy, and might save you in the event of a malware infestation or a hard drive crash.