- Important: If you already have anti-spam and anti-virus as part of your managed services program from MIRUS you do not need to do anything!
- If you have installed your own anti-virus we will be monitoring it via our systems, however if you would like us to check that your software is up to date and running correctly we can do this for you, just give the service desk a call on 0845 519 5055
The National Crime Agency (NCA) announced yesterday that it has temporarily disabled two of the nastiest malware generators in the world. According to the NCA we have a "unique, two-week opportunity to rid and safeguard" ourselves… but from what?
Gameover Zeus is a piece of malicious software that spreads using phishing emails – these are the ones that email you from what you assume are legitimate sources, but turn out not to be. For example, your bank asking you to confirm your account details.
If you open one of these emails, they will potentially ask you to install a program, once installed the program searches your computer for banking details, credit card screen prints and useful files that it can be used for identity theft. As well as making your computer vulnerable to other pieces of malware such as Cryptolocker it also joins your computer to a spambot net meaning your computer is now sending out spam.
Cryptolocker is one of the pieces of malicious software known as ransomware, the software encrypts your files to a strength which renders it unreadable (even by the world’s fastest computer)
It infects computers, usually through email attachments or rogue websites, but it can also download more Malware such as Gameover Zeus.
Once your computer is infected, Cryptolocker starts encrypting all the files on your computer and then it posts a message on your screen asking for a payment to decrypt the files, it also says that if you refuse to pay, it will destroy all the information it has encrypted.
The NSA have only shut down the servers that control some botnets and while this a fantastic, unfortunately it is still possible to be infected. It is likely that within two weeks the creators of the malware will establish new servers and cryptolocker is more than likely to be back on-line.
What to do if it happens to you...
- Don’t close the ransom window - until the window is closed you have time to rid your computer of the ransomware using conventional anti-virus software.
- After rendering your file non-usable you will have to rely on backups of your data, if you have them. But it's important that you don't try and restore your data before you clear your computer of the infection, otherwise you could lose your backup too.
- Do not pay the ransom. While a few users hit with Cryptolocker report they have paid and got the files returned, there is no guarantee it will work. Also with the NSA bringing down some botnets, the cyber criminals may not even be able to return your data. Plus paying the ransom will only provide this criminal network with more funds to do it again.
Cleaning Your Computer
Important: Lets go through what you need to do to stop your systems being infected..
- Invest in an anti-spam service - Having this service means that the spam emails will never even get to your inbox.
- Invest in an anti-virus program.
- Don't open attachments from unknown sources or from emails that appear to be from a legitimate source but are suspicious, for example your bank would never email you to confirm your details.
- Regularly back up important data.
- Ensure staff are educated in good computing practices and how to spot threats.
Are You Cyber Aware?
- Keep your anti-virus software up to date and scan your systems regularly. (Unless you have purchased our managed anti virus software, in which case its done for you)
- Use an anti-spam provider to block incoming spam and malware.
- Change account passwords on a regular basis.
- All our customers are entitled to web filtering as part our service, this means that you are less likely to be able to browse to an infected website - For more information call 0845 519 5055
- Remove local admin rights – Such a simple thing to implement, and something we strongly advise. Giving an employee no admin rights means that your work force cannot download and install programs without permission. We measured the volume of laptop rebuilds against the end user permissions metric and the results were quite shocking:
If you want any further infomation on these latest threats, need advice about your anti-virus and anti-spam solutions or think your security systems may need a review, then please call our friendly and knowledgable team on 0845 519 5055