Blog Detail

DON’T OPEN THAT RÉSUMÉ SO FAST: THE LATEST SCARY TREND IN RANSOMWARE

23 Jun 15
lverbik
, , , , , , , , , , , , , , , ,
No Comments

YOUR COMPUTER HAS BEEN LOCKED. Now you must pay ransom to an unidentified thief in order to unlock your computer system and gain access to your own data or lose it forever. This might be the worst message to ever have come across your computer screen. If you become its victim, the only way around it is either, 1) pay them, or 2) reformat your computer, and restore data from a backup (if you have it). There’s no easy way out—they lock your drive so you won’t be able to “hack” your way back in, and this is not only local drives, but they can affect mapped drives as well, so if you have a data drive on a company server that everyone uses, that one can be hijacked too.

You’ve just experienced CryptoWall, a new and highly destructive variant of ransomware—a malicious software that infects your computer and holds hostage something of value to you in exchange for money. With CryptoWall, thieves use asymmetric encryption, where the decryption key is different from the encryption key and is not stored next to the encrypted data. This forces victims to pay the thief a ransom for the decryption key to unlock the data. It is so insidious as to encrypt your data with RSA-2048 standard, which makes decryption just about impossible within the given timeframe the infection hobbles you with—usually 48 hours.

And now criminals have refined their malware yet again through the use of exploit kits to spread their poison deeper and wider. This time, with seemingly innocent looking résumés.

How it works:

A hacker sends a zipped file or corrupted word document appearing to be a résumé of a potential hire. When opened, it encrypts the entire contents of the computer and possibly network drives. Information on how to pay a “fee” to decrypt your files is then presented on the screen. After some time, the “fee” may double or you cannot retrieve the files at all. Criminals may demand $500 or more to lift the restrictions on your hostage data.

What can you do to prevent an attack?

  • First, be aware and help spread the word. Our best line of defense against this type of crime is to prevent its occurrence in the first place, and help as many people as possible be aware of the threat and how to avoid it. Share this blog post.
  • Second, train your staff not to open any résumés that come as zipped files—delete the emails immediately. Make sure anyone who hires people knows not to open these emails. Continue to make intelligent decisions about which email attachments you open. If you have an email that you question, contact an IT manager.

Prepare for the worst

  • Always back up your files. There are many excellent and reliable backup services out there. There are similarities and differences so it’s important to find the one that best suits your business’s needs. Compare costs, performance and security levels, among other things, and of course, how they do with disaster recovery. 

What can you do if you become a victim?

  • If you ever think you have clicked on one of these emails, shut down your computer immediately (hold the power button for 6 seconds) or unplug from the network immediately and contact your IT manager.

 

Be informed and share!

The team at Techno Advantage will help you select the right cloud-based or on-premise backup and storage solutions.  Give us a call to discuss which option is right for you. We also offer a backup software option for businesses. Need more help deciding how to protect your business from a malware attack? Contact a Techno Pro today!  And watch this blog for updates on any new malware. We want to keep you informed.