Important Virus Alert!!
There is a new strain of the Crypto ransomware virus, like previous infections it is delivered via email. In this case the subject line says “Resume” with an attachment labeled “my_resume.zip “. This email bypasses most email scanning engines as well as virus protection programs. Should a user open the attachment, their PC will become infected with the Crypto virus.
Once the attachment is open the Crypto virus is designed to find and infiltrate network shares and starts encrypting files within them. Once the files are encrypted the only way to access them again is to pay a ransom upwards of $1,000.00 or restore the files from a good, working backup.
In addition, the user’s PC will have to be completely wiped out and reloaded with the Operating System and application software in order to completely guarantee the virus has been removed.
ACE IT Solutions has been able to successfully repair Crypto’s damage by utilizing backups of our client environments. Otherwise, you are at the mercy of paying the ransom amount and hoping the key provided will unlock your files. If the provided key does not work, you will lose access to the infected files forever.
WHAT CAN YOU DO?
IBM recently warned against spear phishing attacks using the Dyre Trojan for cyberheists of more than 1 million dollars at a time, and suggested policy and procedures to block these attacks. Obviously things like having recent backups, excellent patching discipline and good filters at the network edge are a given. IBM advises:
“Organizations will remain only as strong as their weakest link. Proactive end-user education and security awareness training continue to be critical in helping prevent incidents like the one described in this advisory.
- Train employees on security best practices and how to report suspicious activity.
- Consider conducting periodic mock-phishing exercises where employees receive emails or attachments that simulate malicious behavior. Metrics can be captured on how many potential incidents would have happened had the exercise been a real attack. Use these findings as a way to discuss the growing security threats with employees.
- Offer security training to employees to help understand threats and measures they can take to protect the organization.
- Provide regular reminders to employees on phishing and spam campaigns and that they shouldn’t open suspicious attachments or links from both work and personal emails.
- Train employees in charge of corporate banking to never provide banking credentials to anyone. The banks will never ask for this information.
- Refrain from opening any suspicious emails and attachments.
- If you are not sure what the attachment is, do not open it and delete the email.
- Make sure you are not saving critical data to your PC, but rather saving it to a network share that is backed up consistently.
ACE IT Solutions offers security awareness training and phishing tests to help educate your users about safe internet practices. If you have not yet done our security awareness training or phishing test, please contact us at 646.558.5575 to set up the training.