I typically don't like to put out a warning every time a new virus rears its ugly
head. I worry that issuing a warning about specific computer viruses creates
the perception that people should only worry about the viruses we talk
about, instead of being constantly on the alert.

The sad reality is that hundreds of viruses and variants of existing viruses are
flung onto the Internet every single day. So, raising an alert about one
particular virus seems silly in some respects. However, in this case, I think
that reminding people of the need to be ever vigilant by talking about this
particular piece of nasty is worthwhile.

I spent much of my Thanksgiving weekend recovering about 50,000 files that were
damaged by one single infection of the virus generally called CryptoLocker.
Here's what it does. First, it applies strong encryption to any documents
(Word, Excel, PDF, etc.) it can find on the host computer or any network shares.
This encryption essentially makes the files unreadable (unless you have the
decryption code). Second, the virus posts a ransom message asking for $300 on
the user's computer! It's simply a 21st-century shakedown.

Apparently, if you pay the $300 (through untraceable online payment methods) they will
decrypt your files and make them accessible to you again. Sometimes, though,
the decryption doesn't work - they didn't spend as much time developing the
decryption component as they did the encryption part. Scary, huh?

You can't decrypt the files on your own. Your only option, if you don't want to pay
the ransom, is to restore your files from backup (which is what I did for this
particular client).

How did they get the virus? It's hard to tell, but it appears this one can come from
various sources. It could have been from an attachment on an e-mail, or from an
infected website, or maybe it was dropped by another virus.

But, you say, it couldn't happen to you because you have antivirus installed. Right?
Wrong! The major antivirus software vendors don't seem to be able to catch this
virus before it does its damage. Now, that's scary! The good news is that there
is a way to block the virus by making a configuration change on your network.
If you're a client of ours, we've already done that for you. If not, contact me
and I'll tell you how.

The bottom line? It's always education and awareness. People need to be suspicious
of unexpected file attachments. They need to understand that neither banks, couriers
nor Microsoft will e-mail you asking for credentials or information. It's
common sense. If you aren't sure about a website or an e-mail, then pick up the
phone and call. Be suspicious. A little bit of paranoia can save you a lot of
headaches and lost time.

As always, I welcome your comments and questions.

Visit our website at http://www.carefreeit.ca or e-mail us at info@carefreeit.ca and
sign up for a free on-site technology review. We'll be happy to stop by your
office to help you map out a plan to reduce the inherent IT risk that every
company faces, and share with you our ideas on support and costs. We are simply
offering this to you as a no-risk way for you to check us out and consider
using us for all of your IT support.

Article Source: http://EzineArticles.com/?expert=John_Balch
Article Source: http://EzineArticles.com/8085160