CryptoLocker and CryptoWall Service Notification

CryptoLocker and CryptoWall Service Notification

We wanted to give you an update since our last communication regarding the CryptoLocker and CryptoWall malware infection.

First, it appears that some security researchers were able to break into the main CryptoLocker database and have retrieved the keys to decrypt the files. They have released this information to the public, so people can decrypt their files without paying the ransom. We are investigating to see if this release is safe to use and if it will work. This only applies to the CryptoLocker malware and not the new variant, CryptoWall, which has a stronger encryption method. More information below:

Second, internally, we have been developing and testing several different methods to enhance our managed services tools to minimize the damage CryptoLocker/CryptoWall can do to your network. One solution is currently being tested in our beta group and provided that goes well, we will be deploying this to all of our managed services clients. If you have an AssistIT or SimplifyIT agreement, this will be pushed out to your network within the next 1 – 2 weeks automatically. If you do not have one of these agreements, we could manually push this preventative measure out through a group policy on your network. Labor to do this would be 2 – 3 hours. Note that this method will likely not save the infected workstation from being encrypted, but in most cases it will prevent the infection from spreading to your fileserver and other shared data repositories where the real damage is done.

On a separate topic, BBC has also released an announcement that a Russian Gang hacked 1.2 Billion usernames and passwords. More information on the details can be found in the below link:

Due to this new information, we highly recommend that you change your passwords to all banking and financial websites and other cloud based services you use that contain sensitive information. As a routine protective measure against hackers in general, we recommend as a best practice to implement a password changing policy for your own network that requires users to change their passwords every 60 – 90 days. We also recommend that the passwords be complex in nature (ie: 8 characters or more in length, alpha-numerical and at least 1 special character).

Posted in Blog Posts, Security

Share our post