What This Vulnerability Alert Is About
There is a new wave of Locky, a computer ransomware virus that is in the email/phishing category, being spread rapidly. Any files or shares the user has access to on the network and local computer can be encrypted. Data is at risk and the encryption of files/data cannot be reversed without payment to the criminal that encrypted your information.
How This Is Spread
This security risk typically comes in email as an attachment (typically as an invoice or a scan from a printer) and relies on users to click on the attachment, thereby giving permission to the PDF application to open a second file. The second file is what actually infects the victim's machine.
What You Need to Know or Do
Don't open emails/attachments that you aren't expecting. Be especially cautious with emails containing a PDF attachment. Avoid bypassing any security warning presented to you.
What Is the Resolution?
Unfortunately, there is no technical/configuration fix as the target is social engineering through human interaction (not a technical hack).What you can do is to make your staff aware of the risk. In the event you suspect you have become infected, shut down the computer completely, as leaving it turned on will result in files being encrypted if it in fact has been infected by Locky. Reach out to your managed services provider immediately.
Find More Information About This Vulnerability:
Need an IT Managed Services Provider?
If you are on Florida's Gulf Coast--from Tampa to Naples--and you have 10 or more users, please contact Entech by clicking on the blue button below.