There's a prevailing malware threat that's impacting the IT environment called CryptoWall. CryptoWall is a particularly disruptive piece of malware that can bring your business to a complete standstill.
Looks and sounds ominous, doesn't it?
As you are well aware, the internet, email and their ability to send attachments is a mainstay of the daily business process. Bringing this process to a halt, can cost time and money. As the focus of my quarterly newsletter this month, I would like to draw your attention to a potentially disruptive piece of malware that can bring your business to a complete standstill. It’s scary, it’s vicious, and goes by the name: CryptoWall.
This particular form of malware seeks out and encrypts documents on the infected machine as well as any connected shares or drives within your company's environment. The victim is then prompted to pay a ransom to obtain a key to unlock the files. Some variants of the malware will even double the ransom and ask again. Unfortunately, paying the ransom does not always result in obtaining the key or decryption of the files. As of August 2014, over 600,000 computers are known to have been infected, and over $1,000,000 has been paid in ransom. In the Month of October alone, we have treated 3 cases of CryptoWall for our clients. It can be painful, but we are here to help.
How can this monstrosity be stopped?
No matter how many layers of security protection are put in place on your network or workstation, it will not be able to stop all malware every time, but you can minimize your exposure through being vigilant, being aware and being safe.
Be Vigilant: This category of malware, which is sometimes referred to as “ransom-ware,” is distributed through spam emails, malicious advertisements on legitimate websites, and as fake updates for applications such as Adobe Reader, Adobe Flash, and Java. Do not open any emails in which you do not know where it came from.
Be Aware: Most of the spam emails are variations of some kind of notification for a fax, a voice mail message, or a UPS shipment. Some appear to be from a government agency and refer to a fine or court proceeding. Some example subject lines are listed below:
"voice message from 474-438-5957 for mailbox 120"
"INCOMING FAX REPORT: Remote ID: 385-567-7335"
"Message at 2014-05-06 08:11:55 EST boundary="----- -05020600703040205040303"
"UPS Exception Notification, Tracking Number 1Z522A9A6892487822"
Be Safe: The emails may contain an attachment or the body of the email message may contain a link to an external website or download. It is not uncommon for the email messages to be written in stilted or ungrammatical English, although we expect this to change as the attackers become more sophisticated. You are no longer required to download a file and run it in order to activate it; merely clicking on link through an email can be enough for you fall victim. You can help prevent CryptoWall by not clicking on a link in an email unless you are absolutely certain they know where it leads. The same goes for attachments, if you do not process ACH transactions or expect an email from UPS or an online fax service, do NOT open the attachment or click the links.
Let’s all try to have a safe and Happy Halloween. Following the aforementioned steps, to prevent creepy malware like the CryptoWall will help keep your workstation, network and business from falling victim to Tricks this halloween season.
Remember: When in doubt, check it out before clicking.
Here two new tutorial videos showing how our clients utilize our Managed IT Services.