Skip navigation

A very nasty computer virus that can destroy all of your files called “Cryptolocker” has been in the news a lot recently:


“Cryptolocker partially shuts down Pinal County, Ariz. government network” (SC Magazine)




“Internet ransom a booming business for hackers.” (Toronto Sun)


and if that’s not enough, this one should really get your attention –


“Major Sites Including New York Times and BBC Hit by Cryptolocker” (The Coin Telegraph)



Cryptolocker is a form of ransomware that does exactly as advertised by its very name: It encrypts, locks, and then holds your computer hostage until you pay a ransom.


The specific way this happens is unfortunately quite easy (but also quite easily prevented, see below):


Usually the bad guys send out what seems to be a legitimate and innocuous email and hope you open the infected attachment. Alternately , they may send you a link to an infected website and hope you click on it.


Click here to read more articles from small business expert Steve Strauss


Either way, once the malware gets into your system, you are in trouble. The virus will go through your entire hard drive and begin to infect various file extensions, like .doc (Word documents) and. xlxs (Excel files), among many others. A popup will then inform you that you have 72 hours to pay a ransom (usually between $300 - $500) or all of your files will be deleted.


Many businesses decide that they would rather pay the ransom than deal with the problem. Obviously, a far better step would be to prevent getting infected in the first place.


Here are my top 5 ways to prevent a “Cryptolocker” attack:


1. Invest in a security software suite: You need to find a cloud-based comprehensive security solution that includes a firewall and anti-spam filter. The software needs to cover all of your computers, tablets, as well as mobile devices.


2. Update your software regularly: The bad guys are always trying to figure out new ways to get ransomware on your computer. If you use a cloud-based security solution as suggested, your software will always be up-to-date. You need to also keep your operating system and o

ther vital software current as well.

3.  Create security policies: You need to become educated as to how cybercriminals operate. Then you need to create standards, protocols, and policies for your business with regard to emails, attachments, suspicious sources, software updates, and the like.


4. Teach your employees well: Once you have a process and proper policies in place, you need to teach your employees what is and isn’t acceptable. Educate them on how to spot cyber-threats. Let them know what safe computing looks like for your business.


5. Back up, back up, back up: It is imperative that you back up all of your data in the cloud on a regular (i.e. at least daily) basis. This will give you a clean backup should you ever unfortunately need one.


The reason I suggest you do all of this is that ransomware attacks on business are on the rise, small business owners get this (according to the most recent Small Business Owner Report, almost one in five respondents cited cybercrime as a major issue), and finally, you don’t want to be like the business in this final headline:


“Ransomware takes files at attorney's office hostage.” (KPHO Broadcasting).


About Steve Strauss

Steven D. Strauss is one of the world's leading experts on small business and is a lawyer, writer, and speaker. The senior small business columnist for USA Today, his Ask an Expert column is one of the most highly-syndicated business columns in the country. He is the best-selling author of 17 books, including his latest,The Small Business Bible, now out in a completely updated third edition. You can listen to his weekly podcast, Small Business Success, visit his new website TheSelfEmployed, and follow him on Twitter. © Steven D. Strauss.

You can read more articles from Steve Strauss by clicking here


Bank of America, N.A. engages with Steve Strauss to provide informational materials for your discussion or review purposes only. Steve Strauss is a registered trademark, used pursuant to license. The third parties within articles are used under license from Steve Strauss. Consult your financial, legal and accounting advisors, as neither Bank of America, its affiliates, nor their employees provide legal, accounting and tax advice.


Bank of America, N.A. Member FDIC.  ©2016 Bank of America Corporation



Similar Content

Building barriers against top business fraud threats

5 Most Common Cyber Security Mistakes Made by Small Businesses

How to Protect Your Small Business from Fraud

Checklist: Don’t Let Fraud Win

Guarding Against Fraudulent Financial Transactions


Filter Article

By tag: