Practicing Online Safety This Holiday Season
Although Cyber Monday has come and gone, ensuring appropriate online safety must continue to be practiced throughout the year. In this blog post, we will examine a very common form of malware, detailing both irregularities to look out for, as well as ways to combat the threat.
One increasingly consistent form of malware is CryptoLocker. CryptoLocker infects your computer, encrypts your files and then asks for a ransom payment to unlock the files. For a more in-depth look at CryptoLocker, please click here.
- It’s typically delivered by an email with an infected attachment
- Once the user clicks on the attachment, the computer is infected and files will be encrypted
How Can You Protect Yourself?
There are several protection methods that you can do to help stop CryptoLocker from infecting your computer and network.
- The best defense is to initiate a Cybersecurity User Awareness Program –Users are generally the root cause
- Conduct routine backups of important files, storing the backups offline
- Maintain up-to-date anti-virus protection
- Keep your operating systems and software up-to-date with patches
- Review network access controls on network shares – Don’t give write access where it is not needed
- Don’t give administrative privileges to user accounts
- Active Directory GPOs can be set up with a Software Restriction policy
I’m Infected! What now?
Weidenhammer Consulting Group suggests the following possible mitigation steps that users and administrators can implement, if you believe your computer has been infected with CryptoLocker malware:
- Consult with a reputable security consultant to assist in removing the malware
- Restore previous versions from a known good backup
- Use ShadowExplorer – A tool that will scan for all file shadow copies on your system
If possible, change all online account passwords and network passwords after removing the system from the network. Change all system passwords once the malware is removed from the system.
How Can Weidenhammer Help?
The Weidenhammer Consulting Group provides clients with Security Risk Assessments to help identify potential network, workstation, web site, and other vulnerabilities within their corporate network. Our Security Consultants can provide awareness program materials, conduct awareness trainings, execute security tests like penetration testing and social engineering assessments. Weidenhammer is also a trusted Cisco Partner – the Cisco FirePOWER product can help clients eliminate their chance of exposure to spyware and viruses such as CrpytoLocker.
For more information about Weidenhammer’s Security Offerings, please contact Anthony Cartolaro, Senior Business Consultant at 610-225-1436.
For a complete listing of what Weidenhammer’s Consulting Security Practice can bring to your organization, please click here.