CRYPTO / RANSOMWARE is doing the rounds….

CRYPTO / RANSOMWARE is doing the rounds….

Oct 19, 2018

If you see the below screen  DO NOT close any programs DO NOT shut down your computer! CALL an IT professional for Help, and as a general rule DO NOT leave Backup drives attached! if you are already completely enc rypted this course of action won’t “fix” anything…

For this particular attack you need to have a what if plan ready, would you be willing to pay the ransom? If yes, then the virus needs to be able to
“Call Home” to report it’s unlock code. If not then the best course of action may be to literally pull the plug! As always, the best backup plan is to have adequate backups!

This new round of Crypto appears to be a scheduled attack, meaning it is set to run at a set time/date. The attacks we have seen in recent weeks ran at about 10pm. This causes 2 issues:

  • We can’t trace how it is getting in, because we don’t know when it happened.
  • It has not only encrypted all of the data but also everything connected to the machine including any attached Backup Drives. So let’s revisit our Back up rules.

Backup Rules:

  1. Have more than 0ne backup in rotation (2 is good, 3 is optimal)
  2. Make it someone’s job to check the backups are successful! No use just hoping.
  3. (this is a new one) Check the machines aren’t already infected BEFORE changing the drive! Do it at the end of the day. A lot of receptionist will come into the office and change the back up drive on their way to make a coffee, you have now just destroyed both backups.

Of course, this advice is general and doesn’t account for all possible configurations, if you are concerned and would like to check your vulnerability feel free to contact our office.

Leave a Reply

Your email address will not be published. Required fields are marked *

MicroEd Computers & Internet - Providing Computer Sales, Repairs and IT Support since 1984

MicroEd is a Telstra T-Suite Partner
MicroEd is proud to become a Telstra T-Suite and Microsoft Exchange Online partner.
MicroEd is Microsoft Registered & a Microsoft Exchange Partner