Protect against Cryptolocker with MDaemon and BackupAssist

Cryptolocker is making the headlines for all the wrong reasons at the moment.

In the run up to Christmas where there’s likely to be a plentiful supply of email purchase confirmations flowing, I wanted to share my recommendations for keeping your data safe and secure.

What is Cryptolocker?

This new form of virus (actually a trojan-horse) known as ransomware, arrives by email with an attached zip file, usually containing a PDF with a hidden double extension (.PDF.EXE). When opened, the virus encrypts your hard disk, your network shares, Dropbox (you name it basically!) and effectively holds it at ransom until you agree to pay an extortionate release fee using the virtual currency BitCoin.

How can I protect against it? Our recommendations.

  1. Back up everything ‘off line’ to a location not connected to your network* see update – we of course recommend using BackupAssist as it supports removable USB drives, RDX and tape destinations (free 30-day trial).
  2. If you use MDaemon email server, follow the instructions below to ensure your settings are optimised for best protection.
  3. Be doubly sure your antvirus software and security patches are fully up to date.
  4. Be security savvy – don’t open any unsolicited emails, particularly if they contain attachments. If it’s from a provider you know such as Amazon or Paypal for example, log in to your account where possible to check the information you’re receiving correlates with the action you’re being asked to perform.

How to tighten your MDaemon email server security settings

There’s a general trend in ‘spammy’ email that message sizes are growing but particularly with Cryptolocker attacks the files tend to up to a few hundred KB’s in size. For this reason, we recommend you raise the limit of the size of messages MDaemon will review to 500KB. This creates a small amount of additional resource overhead but it’s so marginal it’ll barely be detectable.

Recommendation 1: Increase your spam detection limit to 500KB

GO TO: Security -> Spam Filter -> Options

Simply enter 500 in the ‘Don’t filter messages larger than‘ box, click Apply and then Ok.

.Recommendation 2: Increase the frequency of antivirus updates

Because of the rapidly morphing nature of the Cryptolocker attacks, we’re advising you reduce the update window on virus definitions for best protection.

GO TO: Security -> AntiVirus -> AV Updater -> Scheduler -> AntiVirus Updates –> Schedule

If you’re not yet using any spam and virus pre-filtering service or the SecurityPlus add-on for MDaemon, I’d highly recommend you make sure that becomes an absolute priority.

I hope you found this useful – I will of course update you with any new developments that might be helpful.

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

Zen Software logo       Try any of our software completely free for 30-days:

MDaemon email server  |   BackupAssist   |   MailStore email archiver

2 thoughts on “Protect against Cryptolocker with MDaemon and BackupAssist

  1. Pingback: How to create a company-wide ‘out of office’ responder | Zen Software Blog |

Let us know what you think....

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s