Information and How to Protect Your Organization
Why is this important?
We have seen the Cryptolocker malware strike multiple organizations the past two weeks and it has proven significantly disruptive.
What is malware?
Malware is software that is designed to perform malicious activities. Malware could steal passwords, delete information, generate SPAM, or a variety of other disruptive actions.
What does Cryptolocker do?
Cryptolocker is “ransomware.” It encrypts files (including network shares) and demands a ransom to have the files decrypted. If you do not have viable backups, you are at risk of losing this information.
How do I get infected with Cryptolocker?
The most common pathway is via email. Staff receive a message purporting to be information from FedEx, UPS, Dun and Broadstreet, or possibly other entities. The email message contains an attached zip file that the receiver is instructed to open. Inside the zip file is the cryptolocker virus. This is also known as “social engineering.” The messages are designed to get the recipient to perform the action of opening the zip file and running the malware.
How can protect my organization from Cryptolocker?
In a nutshell, you protect yourself from Cryptolocker in the same way you protect your organization from every other kind of information threat. Good basic security practices including:
- Make sure you have a solid backup system for your data and that you test your backup/restore frequently (we recommend once every 3 months)
- Make sure you have a good firewall in place with UTM (Universal Threat Management) with active subscriptions. We recommend Sonicwall and Fortigate as reasonable cost UTM firewalls.
- Have a good, managed anti-malware solution in place. We recommend a managed system such as AVG CloudCare. A managed AV system gives you assurance that all your computers are properly protected.
- Train your staff NEVER to open an attachment or click any links in emails that are unexpected, even if from a known person or entity (for example, you know FedEx, but weren’t expecting a message from them).
What if I have further questions?
Here is a detailed F.A.Q. on Cryptolocker (for more tech savvy folks): http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information.
If you wish to discuss whether your organization is well protected, or if you’d like help making sure your organization is better protected, please contact us at [email protected].