We recently reached out to you with a service notification updated about a type of malware called CryptoLocker and a new variant, CryptoWall. This is a crippling infection and has the potential of encrypting all of your files. Over the last 2 weeks, 4 of our customers have been infected with this malware, so we wanted to reach out again and stress the importance of user education in protecting your network.
As a brief summary, CryptoLocker and CryptoWall typically infects through malicious attachments or links in emails that are designed to look legitimate. The emails are altered to look like they are coming from a legitimate company like FedEx, UPS, ADP, etc, and aimed to trick the user, so they click on the attachment or link. Therefore, it’s of the upmost importance to educate your users to not open attachments or click on links in emails they were not expecting. Once infected, the malware will proceed to encrypt files on the infected computer and any network shares that the computer has access to. After the files are encrypted, you will not be able to access them and have 2 options to decrypt. You can either pay the required ransom or restore from back-up. Having a solid back-up solution is also very important, so that if your network does get infected, we are able to restore the files from a good back-up. Depending on when the last good back-up was done, it could result in losing days’ worth of work.
Any anti-virus program you have running will not protect against this malware infection because it requires a user to click on something, which over-writes the protection the anti-virus software provides. User education is the best defense against CrytoLocker or CrptoWall.