Cryptolocker Ransomware has ‘infected about 250,000 PCs’
Infected victims are given a time limit to release their data before they lose it forever
A virulent form of ransomware has now infected about quarter of a million Windows computers, according to a report by security researchers. Cryptolocker scrambles users’ data and then demands a fee to unencrypt it alongside a countdown clock.
Dell Secureworks said that the US and UK had been worst affected. It added that the cyber-criminals responsible were now targeting home internet users after initially focusing on professionals. The firm has provided a list of net domains that it suspects have been used to spread the code, but warned that more are being generated every day.
Ransomware has existed since at least 1989, but this latest example is particularly problematic because of the way it makes files inaccessible.
“Instead of using a custom cryptographic implementation like many other malware families, Cryptolocker uses strong third-party certified cryptography offered by Microsoft’s CryptoAPI,”
“By using a sound implementation and following best practices, the malware authors have created a robust program that is difficult to circumvent.”
The first versions of Crytpolocker appear to have been posted to the net on 5 September.
Early examples were spread via spam emails that asked the user to click on a Zip-archived extension identified as being a customer complaint about the recipient’s organisation.
Later it was distributed via malware attached to emails claiming there had been a problem clearing a cheque. Clicking the associated link downloaded a Trojan horse called Gameover Zeus, which in turn installed Cryptolocker onto the victim’s PC.
By mid-December, Dell Secureworks said between 200,000 to 250,000 computers had been infected.
It said of those affected, “a minimum of 0.4%, and very likely many times that” had agreed to the ransom demand, which can currently only be paid in the virtual currencies Bitcoin and MoneyPak.
|Top 10 infected countries||Number of infected systems identified using test “sinkhole” servers between 9-16 December||Percentage of total|
|Source: Dell SecureWorks|
“Anecdotal reports from victims who elected to pay the ransom indicate that the Cryptolocker threat actors honour payments by instructing infected computers to decrypt files and uninstall the malware,” added the security firm.
“According to reports from victims, payments may be accepted within minutes or may take several weeks to process.”
However, Trend Micro, another security firm, has warned that giving into the blackmail request only encouraged the further spread of Cryptolocker and other copycat schemes, and said that there was no guarantee of getting the data back.
Dell suggested PCs be blocked from communicating with the hundreds of domains names it had flagged as being linked to the spread of Cryptolocker, and it suggested five further steps the public and businesses could take to protect themselves:
- Install software that blocks executable fields and compressed archives before they reach email inboxes
- Check permissions assigned to shared network drives to limit the number of people who can make modifications
- Regularly back-up data to offline storage such as Blu-ray and DVD-Rom disks. Network-attached drives and cloud storage does not count as Cryptolocker can access and encrypt files stored there
- Set each PC’s software management tools to prevent Cryptolocker and other suspect programs from accessing certain critical directories
- Set the computer’s Group Policy Objects to restrict registry keys – databases containing settings – used by Cryptolocker so that the malware is unable to begin the encryption process
Guide to Promoting Your Web Site on the Internet
Most businesses have a website now, used to promote their range of products & services or to raise company profile on the World Wide Web. Search Engine Optimisation & Internet Marketing can be used to help you gain an advantage over the competition in search engine results. So what are some of the crucial elements that you should be aware of?
Key Word Selection
Selection of the appropriate keywords will help ensure your website is listed well in the SERPS (ranking results) when people search for products or services offered by your business.
Good Quality Content
It is important to keep the content on your website relevant and original. This will give your website credibility, help you attract visitors and, importantly, this is something the Search Engines appreciate.
Websites that include an up to date site maps are easier to index by the Search Engines and may be ranked higher. A site map provides direct links to each page and the respective content on your website. Site maps improve Search Engine results, regardless of the size of your website.
Set up your Meta tags to reflect the core key phrases relevant to your website project. The Search Engines suggest limits on the number of characters you should include in the meta tags, try not to exceed these limits and remember the meta tag data should be representative of the page content.
Generating Inbound Links
There are many different ways to generate inbound links, for example through article submissions and blogging. Gathering quality (and relevant) inbound links is ‘currently’ one of the most important aspects in effective Search Engine Optimisation.
Effective Search Engine Optimisation & Internet Marketing
Effective Search Engine Optimisation & Internet Marketing can be extremely time consuming and, as SEO ranking criteria is constantly changing, then for many business hiring an SEO company such as Direct Submit is the most appropriate way to ensure your website achieves good rankings in the major Search Engines.
Call us now on 0845 272 2350 to see what we can do to help you get more from your website.
Expanding Landscape Gardening Services
One of our clients has expanded the range of its services to include the Newcastle area. The success of the client website in promoting their range of landscaping services across Sunderland, Durham and Teesside has encouraged Cedars Landscaping to now offer their diverse range of landscape gardening services for properties and business across Newcastle and the surrounding areas.
Through effective online marketing and SEO provided by Direct Submit, Cedars Landscaping Cedars are now expanding into new markets. Why not contact Direct Submit on 0845 272 2350 to see how we can help you make your website worker harder for your business.
Making a Website Work for your Business
As we approach 2014, we at Direct Submit thought it might be useful to repost the following blog article. We have had a few clients of late ask how to make their website ‘work for their business’, with many having invested considerable amounts into a website that doesn’t appear to doing anything to help their business or generate interest in their products or services. In a perfect world, SEO would be developed while a website is still in infancy. While this ideal situation rarely occurs, the following steps summarise the process as it should occur every time.
Key Phrase Strategy and Website Development
Before building your website, you must have a keyword strategy. Select key phrases that are relevant to your business and receive an acceptable level of traffic. It is often appropriate, particularly for smaller / new businesses, to avoid the most competitive phrases where the level of competition you would be up against would be significant. You can always develop to these phrases as your business grows.
Once you have selected your keywords you can begin to develop the website using basic SEO site structure principles. These include the Meta titles, Meta descriptions, linking strategy, clear site navigation, optimised coding and great content.
Try to include some web analytics platform that will allow you to monitor users are coming from and what search terms they are using. One free example is Google Analytics which provides a reasonable level of feedback on the traffic levels and sources to your website. This information will enable you to monitor and update your website to try and achieve the best results possible within your market sector.
Driving Traffic to the Website
Obvious really, but look to get your web pages listed in the main search engines as quickly as you can. You can submit the website, but also look to get your URL linked to from websites already in the search engines. Subscribe to directories and develop a strategy for effective link building. Remember, with links, it’s about quality, not quantity; a handful of links on top-notch sites is worth hundreds of links on irrelevant, insignificant sites.
Incorporate off site and traditional marketing methods. For example, include your web address on your stationary and have it displayed on the side of company vehicles.
Consider employing the services of an Internet Marketing specialist to help with the Search Engine process. At Direct Submit we regularly see clients who have spent thousands on a website assuming, the traffic will just come, only to find their lovely looking website is not SEO friendly and they have no identifiable SEO strategy in place.
Monitor, Evaluate & Refine
After you campaign has run for a time, review and look to assess how the project has been working. Are your keywords receiving the most traffic and bringing in the best ROI, is your website listed in the major search engines and do you need to update /refine the website content.
The Importance of Choosing and Researching Keywords
It can be difficult to choose the keywords that describe your company and its products or services so that users will see your website when they perform an online search. Obviously, you want people who are searching for what products or services you provide to find your website near the top of the search engine results pages, so how do you achieve this?
The answer is “by using keywords and key phrases in your website content.” These are the words that people type into search engines when they are looking for something.
Choosing and researching good keywords is a process that takes several steps that can essentially be broken down into the following stages:
Initial keyword Research. Have a brain storming session with your staff and, if possible, customers. Ask other people for ideas, too, including your family, try to get as many opinions as possible. You will often discover that what you consider your optimal key phrases are not those typically used by your customers.
Use Key Word Research Tools. There are several online keyword research tools that offer information about the number of times users perform searches for specific words. These can help you identify key phrases ‘related’ to your products or services that might help generate quality traffic to your website.
Selecting of Key Words. Use the research you have done and select the most appropriate key words that is likely to deliver the best results for your business. Note this may mean you choose a key phrase that isn’t the most searched for (which will probably be the most ‘competitive’ in terms of achieving a page 1 result on the web) but which will bring you high quality traffic in numbers that should help generate you business.
Analytics. After you’ve chosen your keywords and optimized your site, you need to perform measurements to see whether it’s delivering the amount of traffic and conversions you expected. You can use this information to make adjustments and refine your keyword strategy. The above represents a fairly basic overview of choosing effective key phrases for your website and the web is full of more in depth articles and guides to help you.
For more information on choosing the right key words for your website call Direct Submit Internet Marketing and see how we can help you make the most of your Internet project.
Internet Marketing by Direct Submit
Police Crackdown on Pirate Site Ads
Websites illegally hosting copyrighted content have been targeted by City of London Police.
In an operation run by the Police Intellectual Property Crime Unit (PIPCU), 61 websites were identified as displaying unauthorised material. They were asked to “correct their behaviour” and “operate legitimately”.
Details of those that did not were passed to brands with a request to stop advertising on the sites in an attempt to reduce their revenue.
Forty websites have now been suspended.
A partnership known as Operation Creative, involving City of London Police, advertising bodies and representatives of the music and publishing industries, is designed to tackle internet-enabled crime.
In a pilot lasting three months, websites that had copyrighted material on them without consent were contacted by the police and asked to remove the content and operate within the law.
Brands whose adverts were found on the sites were asked to stop any advertising to reduce funding to the sites. If the websites continued to ignore warnings, their details were passed by police to domain name registrars explaining that they were “facilitating copyright infringement under UK law”.
This pilot approach lasted three months and during that time PIPCU said the presence of adverts from well-known brands decreased by 12%. However, there was a significant increase in adverts that led users to explicit content or exposed users to malware as websites tried to replace advertising from those well-known brands, PIPCU said.
“Operation Creative is being run… to really get to grips with a criminal industry that is making substantial profits by providing and actively promoting access to illegally obtained and copyrighted material,” said Supt Bob Wishart.
The scheme encourages offenders to change their behaviour so that they are operating within the law, he added. “However, if they refuse to comply we now have the means to persuade businesses to move their advertising to different platforms and, if offending continues, for registrars to suspend the websites,” he said.
Geoff Taylor, chief executive of BPI, said that it was important to disrupt funding to illegal websites.
“These sites expose consumers to scams and malware, deny creators their living, and harm brands by associating them with illegal and unsafe content,” he said.
It is hoped that the pilot will lead to a full operation starting in 2014.