Written by our Support Team Lead, Dwayne Adams
Have you heard of Locky? It’s a cheery-sounding name, but it’s also the nickname of a new strain of ransomware. Ransomware is a growing problem in the IT business. It is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay a ransom through certain online payment methods in order to regain access to their systems or to get their data back. Some ransomware encrypts files (called Cryptolocker). Other ransomware uses TOR to hide C&C communications (called CTB Locker).
Users may encounter this threat through a variety of means. Unwitting users can download ransomware by visiting malicious or compromised websites. It can also arrive as a payload, either dropped or downloaded by other malware. Some ransomware is delivered as an attachment to spammed email!
Once executed on the system, ransomware can either (1) lock the computer screen or (2) encrypt predetermined files with a password. In the first scenario, the ransomware shows a full-screen image or notification, which prevents victims from using their system. The notification also shows instructions on how users can pay the ransom. The second type of ransomware locks files such as documents, spreadsheets and other important files.
Please feel free to share this with your staff, as this could happen to anyone surfing the internet or checking email. Additionally, you could use this as a reminder for all users to save their work to their Home drives (H:\). If you suspect someone has a ransomware infection on their machine, immediately pull the power plug and disconnect it from the network, then contact your IT department or personnel. In nearly all cases we’ve worked with so far, the root cause was a spam email opened on one PC, after which other workstations and servers on the network were encrypted.
Here are some useful links if you’d like to read about the subject in greater detail.
Contact Integrity IT today. We can protect you and your business from ransomware or any other kind of IT threat.