Last year saw a number of highly publicized security threats that many companies struggled to deal with. One of those was some nasty malware called Cryptolocker, which held your files for ransom. While this has now largely been dealt with, news is surfacing of a second version – called CryptoWall – that has begun to infect users.
Crypto malware is a type of trojan horse that when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with a strong encryption. You then see a pop-up open informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don’t pay before the deadline, your files are deleted.
When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn’t go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.
Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall and it is a threat that all businesses should be aware of.
With CryptoWall, the transmission and infection methods remain the same as they did with the first version: It is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.
The developers did however make some “improvements” to the malware that make it more difficult to deal with for most users. These changes include:
Unlike other viruses and malware, CryptoWall doesn’t go after passwords or account names, so the usual changing of your passwords won’t really help. The best ways to prevent this from getting onto your systems is:
Should your files be attacked and encrypted by this malware, then the first thing you should do is to contact us. We can work with you to help find a solution that will not end up in you having to pay the ransom to recover your files.
FOR HELP Call us on 01302 732190.