It happened on 11 November 2013.
I opened an email sending me a voice message from a fairly new friend of ours, in fact, she was the 12 year old daughter of my son’s new girlfriend. We’d sent her a birthday card so it was nice to think she’d got in touch The spelling of her name wasn’t quite the same – let’s say her name was Lia and the email message spelt it “Lya” – not knowing her long I assumed I’d spelt it incorrectly. On clicking the message nothing appeared, so maybe it hadn’t saved correctly. The phone ringing distracted me and as I was talking a small red box flashed at the bottom of my screen. Still distracted I clicked on the box, nothing happened. A few moments later, my screen was filled with a large red box stating that all my files had been encrypted by Cryptolocker – an exceptionally nasty piece of ransomeware.
This virus was so new that I’d been hit in their first UK targets. You might think as an IT trainer I should know better than to open a message like this, and I’d agree, normally. The total coincidence of the name just blinded me into a false sense of security.
Why is Cryptolocker exceptionally nasty? It encrypts EVERYTHING on your computer. And then demands that you pay $300 for the files to be released. Not only that, but any attached external drives, eg, usb / hard drive, would also have been included in the attack. I have an incremental remote back-up. Guess what, yes, it encrypted those files too!
To say I was in despair was an understatement. My entire 13 years of business had been encrypted. And in case you’re in any doubt, the files I could open were lines of complete mumbo jumbo. I researched on the Net. If I paid up, as a police department in USA had done, how did I know these villains would release my files? After 70 days they’d destroy my files if I didn’t pay up. The next stage in their master plan was to up the anti after 70 days and, providing details of a Bitcoin account demanded $2,000 for the files safe return!!!
The incremental remote back-up. I spotted that the back-up company could restore 30 day deleted files. So I got in touch, maybe, just maybe….. Yes, based in America, they knew about Cryptolocker and were frantically working to help their clients. They thought that they could help me. On 3 separate occasions they phoned me, talked me through and remotely accessed my machine to restore my files. Not all the files were saved, but the majority were. They didn’t charge me one extra $ / £ to do this – the annual charge for the back-up was then, just $54. The company? Carbonite. And I shall be forever thankful for their help in saving my business and my sanity.
So, beware. There are very clever, but equally nasty people out there. Make sure your anti-virus software is always up-to-date, buy the best you can afford, and don’t be lulled into a false sense of security as I was. Not everything is as it seems on the Internet. Think once, think twice, think 3 times and then run that email/attachment manually through your updated anti-virus software.
Jackie Groundsell is known as the queen of women's business networking lunches - the Connector. She supports thousands of small business owners through her events and lunch-time meetings