What do you need to know?
Cryptowall 3.0 is the most recent version of the ransomware, Cryptolocker which launched in September of 2013. Within the first couple months it had raked in over 27 million dollars across the US, Australia, the UK and other parts of Europe. Since this venture has proven to be such an effective money making machine it doesn’t seem likely that it will be going away anytime soon, hence, Cryptowall 3.0.
Cryptowall 3.0 is disguised as a benign attachment (often .pdf’s or windows help files .chm) that, upon being opened, will encrypt the files of all mapped drives. The most popular method of delivering CryptoWall 3.0 was through the “incoming fax report” which masked its malicious payload as an innocent attachment. Once your network is infected the program will demand a ransom starting at $500 be paid for the pass key to unlock your files. Unless you are running current, effective backups you will either be forced to pay the ransom or you will lose your files.
The best way to go about protecting yourself from this attack is, first and foremost, do not click on links that you are not expecting, especially if you do not recognize the sender. Second, add any emails containing .chm files to your spam filter. Although, it seems likely that anyone making ransomeware will eventually find another delivery method for their malicious code, it may help for a short while. Lastly, it is less expensive to educate your staff on the severity of this problem. If anyone connected to your network opens these attachments, your network will be infected. It isn’t always clear who is click happy in an organization but in this respect everyone has an equal responsibly for insuring the security of your network.
Once your network has been infected the only good option is to rely on your backup systems so that you can wipe your network and start over. If you are not certain that your backups are current or if they are running properly it will be well worth your time to investigate. Remember an ounce of prevention now could be worth all of your data later.
For information on how eTop Technology, Inc. can help you secure your data and protect you from disaster. Please feel free to contact us.