I'm interested how everyone else has been protecting there networks from the CryptoLocker malware/virus.
In the last few months we've been hit 3 times taking out different departments and encrypting the files the user has access to.
We have an extensive backup system so we've been able to restore any encrypted files, however the clean up time is extensive and disruptive.
Each time the user has been searching something in Google, clicked on a search result and been infected.
We have endpoint virus scanning as well as web scanning through our proxy and of course all our email is scanned, however because the signatures of the viruses/malware change so fast the scanners are not detecting the threat and we're getting infected.
Any suggestions? I'm thinking some sort of Advanced Threat Protection?