Ransomware Warnings

By: Karl Tatgenhorst Last Updated: May 13, 2014

hogan-consultingThe Cryptolocker virus and assorted variants are once again making their way around the internet. These viruses arrive via e-mail and encrypt any files that the user may have access to. The usual format of the email is to forge an address internal to your company (e.g. admin@smallbiz.com) sometimes even using a real name or address. The email will contain a zip file with an important sounding name, for example: revenue-projections.zip.

Users should be reminded not to open unsolicited files without at least calling the person the email came from etc… Also, watch for the context of an email for clues if you are a junior salesperson and receive an email from president@work.com with 2015 business-strategy.zip as the attachment, you might want to be wary of that.

Educating your users is one good strategy for ransomware prevention, technology can also mitigate the risk. A good next generation firewall (such as Palo Alto) can filter emails and flag forged emails, provide policies that prevent deliveries of suspicious attachments etc… Hogan Cloud Services can assist you in procuring and implementing such a firewall. Additionally, proper administration can mitigate the risk for your shared files. Ensure that users have access which is appropriate to their level and have multiple shares with regular backups. This will insure that if someone is infected only the files they have access to will be infected and that those files can be restored. Above all, have a plan in place and make sure that your people know to notify you right away if they think something has happened.