This is a copy of an e-mail we are sending out on a somewhat frequent basis to our clients to keep being Internet Street Smart at the top of their minds:
Hello all,
I may have mentioned this in the past while but it bears being mentioned again.
There is a really bad malware being spread via links in e-mail that take the user to a bad site or attachments in an e-mail that contain the bad software. Its name is CryptoLocker.
If the link is clicked on or the attachment is opened the software starts up and goes on to encrypt, that is make unavailable, EVERY file the user has access to. There are two ways to get out of the mess once the infected system is found and quarantined:
1. Best Option: Recover the files from Previous Versions (Volume Shadow Copy snapshot) … may be out by a few hours.
2. Okay Option: Recover or from Backup … may be a bit out of time in the form of hours.
3. Worst Option: Pay the bad guys to decrypt the data and risk identity theft among other problems of handing over a credit card number.Simple rule of thumb: NEVER click on a link in an e-mail and avoid opening attachments if at all possible (Especially ZIP archives). And, if a link must be clicked on in an e-mail hover the mouse cursor over the link to see where it leads to. If it looks suspicious please ask!
Our systems are designed to provide maximum recoverability however the snapshots and backups are timed throughout the day. So, if there is an infection some work may be lost!
As always, please be very careful and aware that bad folks out there are always on the hunt for more victims. No business large or small is exempt from these folks nefarious activities.
We are aware of firms, fortunately not our own clients, that are on the brink of possibly being lost due to CryptoLocker and bad or unavailable backups!
Thanks and have a wonderful day! :)
We do our best to keep folks aware of what is happening out there but things are getting even more nasty for e-mail transmissions.
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book
Chef de partie in the SMBKitchen
Find out more at
www.thirdtier.net/enterprise-solutions-for-small-business/
Apparently, the latest variants of CL now kill Shadow Copies according to this site:
ReplyDeletehttp://www.bleepingcomputer.com/forums/t/506924/cryptolocker-hijack-program/page-105#entry3196724