We wanted to take this opportunity to give an update in regards to the CryptoLocker malware that we first notified you of last October. Since our original communications, there have been some concerning evolutions in this genus of malware including variations in its aggressiveness and infection path. The latest variant of this infection goes by the name CryptoWall.
Like CryptoLocker before it, CryptoWall can infect PC’s via targeted email, and proceeds to encrypt files on the infected computer and on any network shares that the computer has access to. It also demands a ransom to decrypt your data and provides a deadline for payment. Unlike CryptoLocker CryptoWall can also infect machines through hijacked web advertisements and through infected downloads, demands ransom be paid in difficult to obtain BitCoin, and the ransom has increased to $500.
At TNSC, we are constantly striving to stay ahead of emerging malware threats, and as such, have already been re-enforcing our existing defenses against CryptoLocker and developing new defenses against CryptoWall. Even if you already had our original CryptoLocker block installed on your network, to get maximum coverage you will need to have us apply the latest defenses we have against the new variants. Applying these defenses through our managed services could create a temporary impact as we fine tune them for your unique environment, however this discomfort is minimal compared to the impact of actual infection.
While we can apply protections against this malware to your network, your best hope of mitigating impact is to have a solid pro-active defense strategy. This strategy should include: