Monday 15th May 2017
Urgent Virus Threat Information – requires immediate attention.
- 15 May 2017
As you will have no doubt observed in the media, there has been a significant rise in the number of businesses caught out by a “Cryptolocker” style ransomware attack. This latest attack is attributed to malware called “WannaCry” and is spread as a computer virus known as a worm.
Cryptolocker is a program classified as “ransomware”. Ransomware will lock up your computer and ask that you pay a fee before you can resume normal operation. This ransomware will display a message on the screen (similar to the one below). The timer will countdown (typically 3 days) after which it is too late to recover your data.
Microsoft have previously issued a patch to tackle this specific Ransomware attack in March. Your server settings are set to auto update patches as a default, meaning that the appropriate patches should be applied.
In the background, Cryptolocker encrypts your word files, spreadsheets, images and PDF documents on your PC and throughout your network. You must pay the authors of the software a fee of up to US$300 to unencrypt your files.
How do you get infected with Cryptolocker?
Unfortunately it is very easy to get this ransomware on your computer and network. It generally spreads via a hoax emails with a PDF-looking document attached. Therefore it is imperative that you only open email attachments from trusted sources and be extra vigilant about spotting informal email addresses that look suspicious. Especially those that claim that they are from your IT provider and want you download a tool to protect yourself / fix the issue!
What should you do to protect yourself from this ransomware?
Use an antivirus product and ensure it is kept up-to-date (even though this particular ransomware has successfully bypassed many trusted anti-virus products). If you have any concerns over your virus protection, contact our support team immediately.
Patching of updates
As previously mentioned, this is set to auto-update on your servers as a default. Unless you have specifically requested this not to be the case.
Avoid clicking / opening links on emails or attachments from people you don’t know or companies you don’t do business with. If it looks suspicious, treat it as such.
It is imperative that you ensure you have a disaster recovery plan in place that will allow recovery of all of your critical files. Backup and disaster recovery are generally only worried about once you have had a problem, by then it is too late.
Please review your existing backup solution and satisfy yourself that you have recent and successful backups of your system. If you don’t, you are extremely vulnerable to complete system data loss should you be unfortunate to be hit by the ransomware. It is your responsibility to verify that you have working backups of your system. Contact us here at Vetsolutions if you are uncertain, and or if you would like to discuss backup solution best practice. Simply contact firstname.lastname@example.org.
What should you do if you are affected by the ransomware?
Call Vetsolutions support. We will be in a position to confirm if you have been unlucky enough to be hit by this latest ransomware and explore options to help you recover the situation. Note that the diagnosis and rectification in relation to ransomware is not included in standard technical support and is subject to additional charges.
Share this story
To keep up to date with all the latest news from Vetsolutions you can add our RSS feed or sign up to recieve e-newsSign up today>