WARNING: Virus attacks on the increase in recent weeks.
We have seen and heard about a relatively new type of malware or virus that is on the increase due to its ability to bypass anti-virus/anti-malware protection by changing its appearance, and until anti-malware software is made aware of the new ‘strain’ it isn’t able to block it. This process can take hours from when the virus is released and as a consequence there is a window of time where systems are particularly exposed and vulnerable to attack.
The malware that appears to be particularly virulent right now is a type of virus known as “ransomware”, and the current version is Cryptolocker. Its purpose is to encrypt as many files as it can gain access to. These files are rendered useless until either a ransom is paid (usually costing a few hundred pounds), or an IT expert can clean the virus and recover the files from backup (assuming there is a backup, and even then any changes since the last backup would be lost).
If you are on a company network and have a high level of access privileges to shared files and folders, then the damage can extend far beyond your own files and potentially infect all the files throughout the business.
How are these viruses delivered?
This type of virus is usually delivered in the form of an e-mail.
The e-mails tend to appear to come from seemingly “official” sources and contain information requiring immediate action.
· Examples seen so far have been purporting to come from: Companies House, Inland Revenue, Fedex, UPS, DHL
· The topics of the emails can vary, but typically sound official and maybe a little worrying. For instance an email we’ve seen purporting to come from Companies House states “This message has been generated in response to the company complaint submitted to Companies House WebFiling service.”
Additionally, and crucially, there will be an attachment. This attachment is what contains the deadly malware and must not be opened under any circumstances. A tell-tale sign that it may be suspect will be if it ends in ZIP. Following the example from Companies House, the attachment is called “Case_2053WK.ZIP”.
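An added example, not part of the original advisory: a Python check a mail administrator could run on incoming messages to flag ZIP attachments. It goes beyond the filename sign described above by also inspecting the attachment content, so an archive that has been renamed is still caught; the function names, addresses and sample messages are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage


def find_zip_attachments(raw_message: bytes) -> list[dict]:
    """Return one finding per attachment that is a ZIP by name or by content."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        by_name = name.lower().endswith(".zip")
        # Content check catches archives renamed to hide the extension.
        by_content = zipfile.is_zipfile(io.BytesIO(payload))
        if by_name or by_content:
            findings.append({"filename": name, "zip_by_name": by_name,
                             "zip_by_content": by_content})
    return findings


def build_sample(attachment_name: str, as_zip: bool) -> bytes:
    """Constructed test message; the archive holds only a harmless text file."""
    buf = io.BytesIO()
    if as_zip:
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("placeholder.txt", "harmless constructed content")
    else:
        buf.write(b"plain text attachment")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"      # constructed address
    msg["To"] = "user@example.com"          # constructed address
    msg["Subject"] = "Constructed sample"
    msg.set_content("Body text.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename=attachment_name)
    return msg.as_bytes()


if __name__ == "__main__":
    # Filename from the advisory, a renamed archive, and a benign attachment.
    for name, as_zip in [("Case_2053WK.ZIP", True), ("invoice.doc", True),
                         ("notes.txt", False)]:
        print(name, find_zip_attachments(build_sample(name, as_zip)))
```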
How to protect yourself
The main things to do to ensure you are as protected as you can be are:
1. Ensure you have an up-to-date and reliable antivirus solution.
2. Ensure your operating system and applications such as Java are updated regularly.
3. Never click on links or open attachments from untrusted sources, and be wary when you receive them from seemingly trusted sources.
It’s very unlikely that you will ever receive a legitimate email containing a ZIP attachment, and you will rarely receive an email from an official source containing any attachment at all, due to data protection and information security reasons. If you do wonder whether an attachment is legitimate and suspect it might not be, contact the sender by phone to check before opening it.
4. Ensure you back up all your important files and have recovery media for your machine. It may not always be possible to recover from an infection like this, so your data may be lost and your machine may need rebuilding.
If you suspect you’ve been infected
· Log off and shut down immediately to prevent further infection and damage to data files
· Contact your IT Support provider straight away and don’t log on again until you are advised to do so