17 Oct 2013

New And Extremely Dangerous Security Threat! CryptoLocker

Wams, Inc. | Articles

WAMS has recently seen a spike in infections of a specific piece of ransomware called CryptoLocker that we MUST notify you about. Just in the past few weeks, we’ve had numerous firms and businesses that had never used WAMS reach out to us because they had recently been infected by this dangerous malware, and it’s scary stuff!

This malware is sophisticated enough to understand and bypass current anti-virus and anti-malware software. So even if you are using strong protection, that will not be enough!

CryptoLocker uses social media or email to infect and attack. The malware sends users a believable message supposedly from FedEx, UPS, etc. with a tracking number. The email appears to be very legitimate, especially if your firm ships things using one of these carriers (all of us)! Users are tricked into clicking the link and ultimately end up infecting their machine and even worse, the entire network.

This malware will scan local and network drives and shares and will ENCRYPT files matching a set of extensions for common business applications. The data inside almost all of your applications, as well as any of your documents, would be directly affected!

The damage could be fatal and would leave you with a file restore as your only option. The damage will also render your documents, spreadsheets, and PDFs unreadable. The virus operates on file extensions, so typical Word non-extension files are probably safe, but Word forms with the .doc or .docx extension will be corrupted/encrypted.

As with many network security threats, antivirus/anti-malware companies are constantly on the defensive against the threats. While it’s extremely important to have these measures in place, they cannot protect you 100% from viruses, malware, and cybercrime. What you can do, though, is have a solution already in place for when these nasty threats do penetrate.

This is also a great time to remind everyone about the importance of backups!

At a daily minimum, you should have an offsite as well as an onsite image-based backup. Onsite backups allow you to restore your data quickly and easily, while offsite backups protect you against a catastrophic event at your location.

If CryptoLocker or any other threat happened to make it through your lines of defense, at least you will have an image-based backup of your network, which allows you to “go back in time” to restore your network to exactly how it was before the malware hit.