Earlier this month antivirus companies discovered a new and exciting, quite nasty piece of malware on the Internet. Short for malicious software, malware is often used to gather access to sensitive information, or to infiltrate and disrupt computers and networks.
Those pesky cyber criminals have been hard at work, creating a nasty program that will essentially lock all of your files with an uncrackable password. But don’t worry, they will return to save the day with the password and a hefty price tag!
The malware is generally deployed to people via infected websites and via phishing emails. They know how important data is to your business, and that’s why they are targeting small and large companies.
Think of it like this:
- A virus infects your computer, generating a public key.
- It then scours your computer and network, gathering all the data it can find.
- The virus contacts the keylogger’s server, and requests a private key.
- This private key is simply a super password that cannot be cracked (unless of course you are the NSA).
- Now they have something you need. Something that you would pay to get back.
It’s like having two locks on your data, and a criminal organisation wants you to pay for their key to access it.
You may have read about some instances of this kind of cyber fraud that have been leaked to the public. One in particular that shocked us the most was a medical practice in Miami, Gold Coast. The malware virus that infected their systems forced them to roll back 1 year of patient records – the virus had even encrypted all of their backups. Scary stuff.
Here are a few tips and tricks I recommend to companies who want to avoid this nasty:
- Conduct regular Offsite backups
- Conduct user training on phishing emails
- Carefully read emails
- Check all links in emails before you click them
- Do not open dodgy or questionable attachments
Below are also some handy articles we recommend you read or pass onto staff:
And here is a great article on some examples of this exact attack happening to companies:
Make sure you keep your computers and network up to date with all the latest security patches. If you’d like an assessment of your IT infrastructure, feel free to get in touch with us.