We’re issuing this Virus Alert due to a recent uptick in “CryptoLocker” virus infections, and due to the fact that this virus can cause lasting and severe damage to the data stored on your networks.
First, some basics. CryptoLocker is a type of ransomware that is injected into your network by a user who clicks on an attachment in a suspicious e-mail. These e-mails often effectively mimic notices from respected firms such as LinkedIn, UPS, FedEx or customer complaint-generated e-mails. Once a user clicks on the e-mail and opens the attachment, the infection is launched. Because the user’s click is viewed as a “launch attachment” authorization by the computer, currently no commercially available anti-virus software will block installation of this variant. Once inserted on a computer attached to your network, it will spread itself invisibly throughout your network and begin to encrypt server or PC data, often requiring less than 24 hours to render an entire network’s data useless. Because its AES (Advanced Encryption Standard)/RSA (Rivest-Shamir-Adleman) encryption cannot be broken, data is effectively rendered useless and must be recovered from backed-up media such as disks and external backups.
We encourage you to notify your employees and customers of this risk and encourage them to take the following steps to prevent infection by CryptoLocker:
• NEVER click directly on a link from an unknown or suspicious source. Instead, enter the URL for the site you want to visit and then look for the notice/information referred to in the e-mail.
• If a computer on your network becomes infected (see image below), we recommend physically disconnecting it from your network by pulling the network cable or turning off the WiFi network access for that device.
• Contact SecurityCoverage technical support at (877) 373-3320 if you see this infection and our technicians can help you wipe the infection from your servers. It is highly likely that, once encrypted, your data will not be recoverable.
Please let us know if you have any questions on the above alert. With a very-high impact and an increasing incident rate, we strongly encourage you to share this with your associates and your customers to help keep damage to a minimum for everyone.