As part of our ongoing commitment to providing service excellence, we are issuing this *URGENT* Technical Advisory for your information.
Related Technology: Ransomware virus/malware | CryptoLocker | CryptoWall
As of several months ago, a particularly nasty piece of malware has been infecting a large number of computers around the world. This software, referred to as ransomware, encrypts all valuable information (documents, spreadsheets, images, scans, accounting data, etc) and then demands a ransom for decryption. This effectively locks users out of their documents, and doesn’t allow them to access them again – ever – unless a very expensive ransom is paid, within a very short period of time.
This rampant malware is primarily executed through email, when an unwitting user opens an attachment which falsely claims to be an invoice, proof of payment, or a CV.
What are the implications for your business?
Loss of access to all your work-related documents. This has the potential to completely disable the ability of your business to function, depending on your reliance on your digital documentation.
What are your options?
This malware is incredibly virulent, and to date, most anti-virus products cannot protect against it. Ransomware code is written in a way that defeats even the most sophisticated detection methods. As evidenced by the official Wikipedia page (http://en.wikipedia.org/wiki/Ransomware) and many other websites, there is currently no known iron-clad prevention method.
However, a combination of methods can be employed to reduce the risk of your business getting affected by this malware.
Part 1) Educate all users on your business network about opening fake attachments
Part 2) Employ at least 3 technical methods:
A) Enable visibility of known file extensions
B) Install and run specific crypto-prevention software to apply blocking policies
C) Ensure up-to-date anti-virus installation
While these methods add extra layers of protection against this malware, there is still a chance that the malware might somehow be activated on your business network. In this unfortunate eventuality, you only have two options – pay the ransomware authors and hope you receive a decryption key, or restore your most recent backup of all your business data. This highlights the critical urgency of having full-featured, tested ‘offline’ backups.
Pro2col Lab would like to proactively protect our clients from this potentially devastating malware. To do this, we have collated a number of technical resources, and are offering a discounted package to implement these protection measures.
• A brief guide on how to avoid opening untrusted email attachments, available as a PDF to all users – those instructions can then be printed out as necessary. We can also explain this all telephonically.
• A remote control session to implement and apply known file extension visibility, essential to identify false email attachments.
• Installation of a utility which blocks ransomware from executing in all currently known locations.
• Anti-virus status check and maintenance
Please note that it is of no use to protect just a single PC or a selection of PCs on your business network – all of them need to have the protective measures in place, otherwise they remain vulnerable, as does all your business data on your network
Until recently, this form of malware affected only PCs running Microsoft Windows, but Apple’s Mac OS X is now being targeted too. For Macintosh computers, only user education (and thorough backups) are available as mitigation against ransomware.
We are prepared to begin implementing this protection on your business network immediately. Please get in touch with us by logging a ticket via email to firstname.lastname@example.org
We trust you find this advisory useful and in the best interests of your investment into your business and your future business productivity.
Your Pro2col Lab Team