DuckSouth.com

http://www.pcworld.com/article/2600543/cryptowall-held-over-halfamillion-computers-hostage-encrypted-5-billion-files.html



If any of you heard of the CryptoLocker ransomware there is one that one upped it called CryptoWall. It has been out since late last year but only recently really making its presence known. Once a PC is infected it will start encrypting PDF, XLS, DOC, and other common files on the PC then move on to mapped network drives and even Dropbox. It will put the files above in each folder it encrypts. It is piggybacked on other downloads from the web on infected sites and through email attachments that users just can't restrain from opening. So again if you're not backing your stuff up you either pony up the ransom or lose the files. Average ransom is $500. I'm putting this out there because I'm helping someone recover from this infection right now. Fortunately we have multiple levels of backups for them and they are only losing about 30 minutes worth of work today. So be careful what you download, keep your AV up to date, and backup your stuff!!!!

Something very similar happened to a lady in our corp office, it got her computer then got on the network drive hacked all of our stuff, HR, accounting, etc... Ransom was $850 and once paid everything was returned but it took 3 weeks of no internet/email to get fixed and back up. Pain in the ass for all the sales team and resort staff, sure am glad I just grow grass lol

My lord was I wrong on this topic!!! I see PSA and think its a dang prostate information topic. And the backups part was really scary.

Can't ever have too many backups...

This junk hit us yesterday. It infected about 16,000 network files. The majority of those files were backed up each night, with the exception of a "temp" cifs share of 10gig which will be a complete loss. The poor Symantec sales guy that just called me wanting to sell something got ambushed. Bad timing on his part.

me to program mgr when he got a 'vm from microsoft' via email: "did you click on anything?"
him: "no i did not....well, the first time i did, but only the once."
DOH! or rather DUH!

Yes edub, we have a Barracuda webfilter.

Been on the phone with Symantec and they are telling me that we need the "web gateway module" to prevent this infection. Which happens to not be standard on our version of SEP. Have to step up to the SPS Enterprise version.

Due diligence means you have to buy & implement the safeguards. But I really don't think you can't beat this stuff, all you can do is increase your resilience. System Center Configuration Manager for re-imaging + nightly backup of clients' My Documents folders to network attached storage.