|
CryptoLocker Email Infections on the Rise
Hanson observes increases in CryptoLocker virus infections in recent weeks
Hanson Information Systems has observed significant increases in calls from computer users infected with a ransomware virus and warns all users to exercise caution before opening email attachments. Data loss is a growing threat to businesses and computer users, who can suddenly find they are unable to open or use files when their machines become infected with ransomware. The malicious software can attack any user - an individual, small business, Fortune 500 company or a government agency.
What is Ransomware?
Ransomware generally comes in two categories. Either it holds data ransom by preventing access to files, documents, photos and other personal information on a computer, or it holds the entire computer ransom by completely preventing use. In either case, a ransom must be paid (usually $500 - $700) before a user is allowed to access their data or to unlock the system. Not only is the infected computer held hostage, but also all network locations that computer has access to, including servers. Although ransomware has been around since 1989, it has recently become a lucrative cash cow for cyber criminals. While its primary goal is to generate revenue, ransomware also makes use of sophisticated techniques to exploit vulnerable systems. Cryptowall uses a variety of techniques to take over computer systems - most commonly via the following:
-
Malicious email attachments
-
Malicious web sites (or legitimate web sites that have been hacked to secretly load malicious code onto unsuspecting visitors)
-
Malvertising (malicious advertisements on legitimate web sites)
After the Infection Occurs
Ransomware encrypts files on your computer and also those to which you may have access. This can include files on your network drives, such as Quickbooks files, financial spreadsheets and word documents. There is no method for unencrypting the files that are locked. Once those files are encrypted, there are only two options:
-
Pay the ransom (and hope that access to files will actually be restored)
-
Restore your files from the most recent backup (only as valuable as the timing of that back up)
Regardless of which option is chosen, the victim will have to deal with the aftermath of a data breach, if any files containing consumer data may have been accessed by the hackers - potentially including data breach notifications, costly computer forensics consultants and fines from anyone from a credit card company (if payment card data was breached) to the U.S. Department of Health & Human Services (if medical data was breached).
Minimize Ransomware Risks
There are several ways a business can minimize their infection risk to ransomware, including:
-
If you are still using Windows XP, migrate off as soon as possible - Hanson sees ransomware infections most commonly in businesses that have not yet migrated from this now obsolete technology.
-
Establish back up procedures - Businesses that have utilized back up services (either through onsite technology, offsite services or via the cloud) are typically able to recover their crucial data and can often avoid having to pay the ransom demanded.
-
Anti-virus software - Having current virus protection software is a basic necessity, but not necessarily a barrier to ransomware as it cannot prevent a user from opening malicious files.
-
Utilize cloud technology - Cloud computing is becoming increasingly appealing to businesses as a form of backup service. As security researcher Brian Krebs wrote recently, "Cryptolocker might be the best advertisement yet for cloud data storage systems."
-
NEVER open unfamiliar attachments - While this has always been recommended, it is more important than ever with the growth of ransomware, which is most often downloaded as an email attachment or link in an email.
Hanson Information Systems is available at support@hansoninfosys.com or 1-888-245-8468 for questions or to assess your business' security needs. (Information obtained from articles in Business News Daily, Inc.com, Tech Lock, Fox Business, and Today.com)
|
|
|
|
|
« Back to all articles