According to industry security experts there has been a surge in CryptoWall ransomware attacks this month coinciding with a new malware that is being spread through advertising networks. Unfortunately, a few of our clients have already experienced issues with this newer virus.
What is Ransomware and CryptoWall?
Ransomware is a type of malicious software that infects a computer and restricts access to it until a ransom is paid to unlock it. This type of malware has been observed for several years and is typically spread through phishing emails that contain malicious attachments and unsuspected downloads. Ransom has sometimes been demanded in virtual currency such as Bitcoin. Learn more by reading Alert (TA14-295A) released by the United States Computer Emergency Readiness Team's website.
CryptoWall 2.0 is an October 2014 update of the original file-encrypting ransomware program that was released in April 2014 that targets all versions of Windows. CryptoWall scans your computer for data files and "encrypts" these files, rendering them unopenable. Once the virus has encrypted the files on your computer it will open a window that contains instructions on how to access the Decryption Service where you are required to pay a ransom to purchase the corrective program.
This newer version of CryptoWall has been modified to bypass anti-virus and malware programs making it more difficult to detect quickly. The virus can come in as an e-mail link or attachment, but can also be downloaded from an infected website, screensaver, advertisement, etc.
Once a workstation is infected it will search all shared drives and resources before encrypting all network files and the attached drive. Virus and malware scans are unable to find the original infected file because it is a signed application vs. a virus.
The best defense against a ransomware attack is to take precautions well in advance of an attack.
Ten preventative measures to protect your computer network now.
If you happen to open a file or link and think that you have an active infection it is important to work quickly. Encryption takes time and you may notice that your computer is running slower or that programs are not properly running. Your best defense is to turn off your computer and disconnect backup/network or shared server drives as this will end the encryption process and limit or prevent the situation from spreading to other connected devices. From this point on it is not a do-it-yourself project. Seek competent professional help.
Main take-away of this article: If it is free and not from a reputable vendor do not download it. If the e-mail looks even a little suspicious do not open it. When in doubt delete or ask an IT professional about it first.
Visit our website Data Security and Backup page for more information and helpful links.
United Solutions provides unmatched software solutions and support for more than 3,000 clients in the construction, real estate industries. We enable our clients to operate at peak efficiency and maximize their profits.Read More
Subscribe to Our eNewsletter