Crypto Locker WARNING: Protect your company

Crypto Locker WARNING: Protect your company

Whether you find online security complicated or confusing, or simply haven't thought about keeping your personal or office computers safe for a while, now is the time to take action.
As you may already know, there is a SERIOUS virus going around which encrypts all your office documents and other important files. It's called Crypto Locker .
In what is one of the largest coordinated global efforts to disrupt a cybercrime campaign to date, law enforcement agencies in 11 countries - including Europol, the FBI and the UK's National Cyber Crime Unit - have disrupted the operation of a cybercrime gang which is responsible for the theft of hundreds of millions of pounds globally.
In the UK, more than 50,000 computers are believed to have been infected and the National Crime Agency has issued a stern warning telling people they have just "two weeks" to update their systems and protect themselves from "a powerful computer attack".The plan is to attack the parasite hard for two weeks while removing as many viable hosts as possible at the same time so that propagation targets will be limited after the attacks subside
At this time there is no 100% effective protection against Cryptolocker. It is distributed as a link in an email which has some content that entices the user to click on the link.
Some examples are:
• “Your Facebook account has been compromised”
• “HMRC has detected you paid too much tax”
• “Your bank account is on stop please click here to login and change your password”
• “Undelivered parcel waiting for you”
These message are dressed to look like they come from official sources such as eBay, Facebook, high street banks, couriers etc. The emails have an attachment which if downloaded, will infect your PCimmediately. The malware seeks out financial information stored on your PC and if it doesn't find anything, it installs the Cryptolocker ransomware, which encrypts all your files and demands a ransom to be paid within 72 hours.
Emails may seem legitimate but could have a link to an external website. Clicking this link downloads and runs the crypto locker executable and you don’t immediately notice anything happening. In the background the program is encrypting every word and excel document, every picture, pdf any many other file types with a 1024bit encryption key (same type as banks and military use).
You only notice this when you start having problems opening some files. At some point you will get a ransom demand (approximately £400) to release the private encryption key to get your documents back. Either pay up (which is not recommended as this money is directly funding terrorist organisations) or restore your data and lose any work since your last back up.
What can I do to protect my organisation from this virus?
The only means of mitigating this risk is making sure that EVERYONE in your organisation including remote branches follows these guidelines.

1.
 DO NOT, UNDER ANY CIRCUMSTANCES open any link or attachment  from an email unless you were 100% expecting to receive it.  These emails can look like they came from people you know or have dealt with in the past.  It’s better to miss an email than take the risk of infecting your system.  If you are suspicious of an email pick up the phone and confirm it.

2.
BAN the use of personal email accounts (e.g. Hotmail, Gmail etc.) on the system at any time.

3.
 Make sure that ALL user accounts have a secure password which should not be shared with other users.

4.
If anything suspicious is encountered notify us IMMEDIATELY.  We have had instances where a user realises they’ve done something bad and just walked away hoping they won’t be found out.  The Crypto locker ransom will appear on the machine which originally downloaded the infection so it will be easy to identify the culprit.

5.
Make sure backups are running and tested regularly and the media is swapped on a regular basis.

6.
 Make sure that your antivirus software is running and up to date.

7.
Make sure your operating system is updated with any patches which Microsoft has issued.

 
Our message is simple: Update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails.
If you need a backup routine, IT policy or have any questions about backup and, or antivirus software - contact us with any questions or concerns.
 
 

53 Moss Road, Banbridge, County Down, Northern Ireland, BT32 3NZ, Tel: +44 (0)28 4065 1009. Copyright EOS IT Solutions 2016.