Today we have been helping a client recover from a Cryptlocker attack. It is a very nasty piece of malware, also known as Ransomware, that encrypts your files then asks you to pay to have them decrypted. It is nasty enough to also attack network shares so beware in larger networks!
The good news is that this client already had a good backup regime in place so we were able to help them recover fairly quickly.
The attack was started by a user who opened an email made to look like it was from Australia Post. They opened a zip archive then ran an executable from within it. I did not see it at this point but the executable has been known to be disguised as a PDF.
The key lessons are:
- be extremely careful about opening attachments, especially in zip archives. Why would AusPost or the ATO be sending you a zip? If you are not sure, ask your IT Administrator to inspect it first or just delete it!
- ensure you have a reputable anti-virus/anti-malware solution that is up to date
- ensure you have a backup plan in place that includes offline archives, is monitored and is tested regularly
Be prepared, not sorry. It’s too late after the fact.
Contact us if you’d like assistance getting a managed anti-virus/anti-malware solution in place as well as a Managed Backup solution to counter this threat.