Call it coincidence, but while I have been noticed that people around me were talking less about ransomware, our technical support noticed that calls related to ransomware were slowly increasing. Finally, yesterday we received a notification from National Cyber Awareness System regarding ransomware viruses.
Released just yesterday by US-CERT, this alert is an update on ransomware viruses like Xorist, CryptorBit, and CryptoLocker and their variants observed in 2014 including CryptoDefense and CryptoWall. Despite this summer FBI’s arrests of the hacker gang responsible for the GameOver Zeus, the financial gains are too tempting so hackers are continuously developing new versions of ransomware viruses.
Take a few moments to look over the alert Crypto Ransomware Alert (TA14-295A). After reading this you will be more aware of this type of viruses but most of all, better prepared to avoid any infection.
US-CERT and CCIRC recommend users and administrators take the following preventive measures to protect their computer networks from ransomware infection:
1) Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline.
2) Maintain up-to-date anti-virus software.
3) Keep your operating system and software up-to-date with the latest patches.
4) Do not follow unsolicited web links in email. Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
5) Use caution when opening email attachments. For information on safely handling email attachments, see Recognizing and Avoiding Email Scams.
Individuals or organizations are encouraged to not pay the ransom, as this does not guarantee files will be released. Report instances of fraud to the FBI at the Internet Crime Complaint Center or contact the CCIRC
You can also find several posts on the same subject in our blog Bang.ca/blog .