MSPmentor Blog

Beware the Crypt Keeper


The CryptoLocker Ransomware virus has been making the rounds. It is a variant of malware that restricts access to infected computers and demands the victim provide a payment to the attackers in order to decrypt and recover their files. Here's how Datto partners were able to recover customer data after being hit with this malware.

What does “Crypt” mean to you? Until recently it may have brought up images of that creepy character from HBO’s Tales from the Crypt, or one of the many words that contain “crypt” such as encryption, cryptograph, or cryptical. No doubt today it takes on a different, more menacing meaning – its link to CryptoLocker.

The CryptoLocker Ransomware virus has been making the rounds.  If you haven’t heard about it yet, and hopefully it hasn’t affected you, the U.S. Computer Readiness Team (US-CERT) defines CryptoLocker as a “variant of malware that restricts access to infected computers and demands the victim provide a payment to the attackers in order to decrypt and recover their files.”  

I first became aware of CryptoLocker from the Datto Tech Support team. Chris Henderson, a member of our 24/7 support team, has successfully worked with multiple Datto Partners on their post-CryptoLocker data recovery. He also put me in touch with some of them so I could hear their successes firsthand.

CorCystems and CryptoLocker

One of the Partners I spoke with about their experience is Pat DeMichele. Pat is a service manager with Connecticut-based CorCystems. Pat told me, “Three of CorCystems’ clients have had to contend with the CryptoLocker virus. In most cases, as soon as the client called our tech support and once we were able to identify the files affected, we were able to easily mount a restore point. With the Datto SIRIS/ALTO models installed it’s made it very easy to restore the data and maintain uptime.” To me, and I think for Pat as a solutions provider, a key component of the scenario is, “Providing Datto services has saved our clients a lot of money and heartache.”

CryptoLocker Hits Sound Technology Services Customers

Sound Technology Services, also located in Connecticut, had a similar experience. According to Brian Higgins, the owner of Sound, “One of my clients was hit by one of the first waves of the virus. Since CryptoLocker stores the list of files it encrypts in the registry of the infected machine, it is easy to mount a pre-infection backup and take the registry data and build a batch file to restore the original files from the Datto unit back to the server.” The process took less time than one might think. For Brian “[it took] approximately 20 minutes to build the batch file, and less than 45 minutes to restore only the encrypted files on a 250GB data store, and minimal interruption to the client. Another potentially disastrous situation turned into little more than a routine procedure, thanks to having proper protective measures (Datto in this case) in place.”
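The restore described above, sketched as an added example (not code from Datto or Sound Technology Services): given the list of encrypted file paths already pulled from the infected machine, it emits a batch file that copies only those files back from a mounted pre-infection restore point. The drive letters, the data root, the sample paths and the `in_backup` check are assumptions made for illustration.

```python
import ntpath

def build_restore_batch(encrypted_paths, live_root, backup_root, in_backup):
    """Return (batch_text, skipped) for restoring only the listed files.

    in_backup is a callable(path) -> bool that reports whether the mounted
    restore point holds the file (assumption: supplied by the caller).
    """
    prefix = ntpath.normpath(live_root).lower().rstrip("\\") + "\\"
    lines, skipped, seen = ["@echo off"], [], set()
    for raw in encrypted_paths:
        raw = raw.strip().strip('"')
        if not raw:
            continue
        path = ntpath.normpath(raw)      # also collapses ".." segments
        key = path.lower()               # Windows paths are case-insensitive
        if key in seen:
            continue
        seen.add(key)
        if not key.startswith(prefix):
            skipped.append((path, "outside data root"))
        elif any(c in path for c in '%"'):
            # cmd.exe expands % and gives quotes special meaning
            skipped.append((path, "unsafe character for batch file"))
        else:
            source = ntpath.join(backup_root, path[len(prefix):])
            if in_backup(source):
                lines.append(f'copy /Y "{source}" "{path}"')
            else:
                skipped.append((path, "not in restore point"))
    return "\r\n".join(lines) + "\r\n", skipped

# Constructed sample data, not taken from a real incident.
SAMPLE_LIST = [
    r"D:\Shares\Finance\q3.xlsx",
    r"D:\Shares\finance\Q3.xlsx",        # same file, different case
    r"D:\Shares\..\Windows\notes.doc",   # resolves outside the data root
    r"D:\Shares\HR\new hire.docx",       # created after the restore point
]
SAMPLE_BACKUP = {r"x:\restore\finance\q3.xlsx"}

if __name__ == "__main__":
    batch, skipped = build_restore_batch(
        SAMPLE_LIST, r"D:\Shares", r"X:\Restore",
        lambda p: p.lower() in SAMPLE_BACKUP)
    print(batch)
    for path, reason in skipped:
        print(f"skipped {path}: {reason}")
```

Review the skipped list before running the batch file: entries reported as "not in restore point" are files with no pre-infection copy to copy back.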

Have Your Customers Encountered CryptoLocker?

It’s great to hear our Partners’ success stories using Datto.  They certainly also make a point to mention that they don’t experience the same positive results for their clients that don’t have Datto installed.   Email me at hwainwright@dattobackup.com with your CryptoLocker stories.

You can check out Chris’ 4 Steps to Recover from CryptoLocker on the Datto site.  Most importantly, Chris points out that “If there are ever any problems with the recovery we are here 24/7 to assist in any way possible.”

Holly Wainwright is Director of Marketing at Datto. Datto Inc. is an award-winning vendor of backup, data recovery (BDR) and intelligent business continuity (IBC) solutions, providing technology and support to more than 5,000 channel Partners throughout North America and Europe. Datto’s hybrid-cloud BDR/IBC technology provides instant on- and off-site virtualization of servers and workstations, serving the needs of small to medium-sized businesses.
