You may not have heard the news but there is a new and more sinister threat doing the rounds of the Internet right now. CryptoWall 3.0 is the latest version of the CryptoWall ransomware causing untold damage to both business and personal computer systems. We are aware of some fairly high profile businesses (not our clients) that have been hit within the last 24 hours - some of them multiple times! There’s plenty of technical information available that goes into great depth (including a few articles on this blog), but in short, this is what typically happens:
- You receive an email with an attachment – typically a ZIP file that could present as a resume or other document, but the moment you open it you’ll be infected
- The malware begins to scan your computer for data files and then encrypts them
- Some files will also be dropped onto your computer to display a ransom notice telling you that you need to pay money in order to be able to decrypt the files
There is no guarantee that paying the ransom will get you your files back, and simply restarting your computer isn’t sufficient to stop the process.
Antivirus and antimalware software is struggle to deal with this threat – no software provides 100% protection. It starts with people's behaviour - specifically people opening email attachments.
The best course of action is to get your system cleaned up and recover the data files from reliable backups – you do have backups don’t you?
So, some important things to take into account:
- If you receive an email with an attachment, and if you’re not expecting this email, DO NOT OPEN IT
- Contact the person that sent you the file and verify its authenticity
- Make sure you have reliable backups – having just end of day backups means you could lose all new work performed during the day
- If you are unsure about anything, stop and ask for help
- If you do get the ransomware notice, don’t panic, but quickly unplug your computer from the network and make contact with us for assistance
- If you don’t know about your backups, or (worse still) if you don’t have regular and reliable backups please contact us ASAP
Please ensure you share this information on to others you know – the spread of education is the best first step to preventing the spread of infection.