Locky Crypto-Ransomware
Locky is a new crypto-ransomware that first appeared a few weeks ago. It arrives by email as a Microsoft Word or Excel attachment, typically a .doc file posing as an invoice. This ransomware has been infecting over 90,000 computers a day, according to Forbes.
According to Microsoft, Locky is being distributed by email with an attachment, usually a Word or Excel document that appears to be an invoice. Once you open this attachment, Word will ask you to enable macros. If you do, the macro downloads the malware, which starts to encrypt every file accessible from your system. This includes any network files mapped to your computer. A ransom message is then displayed demanding payment in order to unlock your encrypted files. Note that once your files are encrypted, the only guaranteed way to restore them is from your backup.
Receiving an invoice via email is part of the typical business day if you have any administrative role at work or home. Many people might not even look at the sender or read the subject line of the email; they go straight to the attachment, which seems innocent enough. If you open this attachment, be warned that unless you or your company has a recent backup of your data, you will be purchasing Bitcoins to decrypt your data and get back the information that was stolen from you. These attachments come in .doc format and read: “ATTN: Invoice L-98223146”. Opening an attachment from an unexpected sender therefore has potentially catastrophic consequences. Please click on the sender's email address and verify that you know who the sender is and that you are expecting an invoice from that person before opening the attachment. If the sender is unknown to you, then DO NOT OPEN THE ATTACHMENT. We personally know of two local businesses that received this emailed virus last week. One was an invoice from the “IRS” and another was a resume from a “prospective employee”; both contained this ransomware virus. Luckily we were able to prevent them from losing any files. However, most people receiving these files are contacting us in utter desperation without a backup solution in place.
There are many ways to help prevent you from being infected. We recommend the following:
1. Educate: Teach your employees about virus and malware prevention. Let them know not to open email attachments or links from someone they do not know, or anything that looks suspicious. Ask your IT professional if you are not sure. We get multiple emails from our customers asking if the email they received was a threat. We would rather you ask us than infect your system or your company's network.
2. Back up: Make sure your data is backed up regularly. Store this backup separately in the event of a Network attack such as this. Many different things can happen to your data such as viruses, malware, fire, flood, theft, etc. and this will help to ensure the integrity of your data.
3. Defend your data: Make sure you are using a valid and updated antivirus (we recommend MSE or Windows Defender), have a secure password to access your computer, have a secure router protecting your network, and password-protect any important documents. Make sure your IT company takes security seriously. Here at OC Cloud9 we actively protect our clients and their data.
4. Make sure Macros are not enabled on Word and Excel: Microsoft turned off auto-execution of macros by default many years ago as a security measure. A lot of malware infections rely on persuading you to turn macros back on. To help prevent malicious files from running macros that might download malware automatically, we recommend you change your settings to disable all except digitally signed macros.
   To do this:
   1. Open a Microsoft Word document.
   2. Click the File tab.
   3. Click Options.
   4. In the Trust Center, click Trust Center Settings.
   5. Select Disable all macros except digitally signed macros.
   6. Click OK.
5. Login Power: This is more for IT companies but don’t give yourself more login power than you need. We do not let our clients install programs without our permission and have stopped many viruses from being installed in the process.
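The macro setting from item 4 can also be checked on many machines without opening Word on each one. The PowerShell script below is an added example, not OC Cloud9's or Microsoft's own code; it assumes Office stores the Trust Center choice in the per-user `VBAWarnings` registry value and that the listed version keys cover the installed Office releases.

```powershell
# Added example: audit (and with -Fix, set) the macro policy for Word and Excel.
# Assumption: the Trust Center choice is stored in the VBAWarnings registry value:
#   1 = enable all macros            2 = disable all with notification (default)
#   3 = disable all except signed    4 = disable all without notification
# A value under the Policies key (Group Policy) overrides the per-user value.
param([switch]$Fix)

$versions = '12.0', '14.0', '15.0', '16.0'   # Office 2007, 2010, 2013, 2016 and later
$apps     = 'Word', 'Excel'
$meaning  = @{ 1 = 'Enable all macros'
               2 = 'Disable all with notification'
               3 = 'Disable all except digitally signed'
               4 = 'Disable all without notification' }

function Get-VbaWarnings([string]$Key) {
    # Returns $null when the key or the value does not exist.
    (Get-ItemProperty -Path $Key -Name VBAWarnings -ErrorAction SilentlyContinue).VBAWarnings
}

foreach ($version in $versions) {
    foreach ($app in $apps) {
        $appKey = "HKCU:\Software\Microsoft\Office\$version\$app"
        if (-not (Test-Path $appKey)) { continue }        # app never run for this user

        $userKey = "$appKey\Security"
        $policy  = Get-VbaWarnings "HKCU:\Software\Policies\Microsoft\Office\$version\$app\Security"
        $user    = Get-VbaWarnings $userKey

        if     ($null -ne $policy) { $source = 'GroupPolicy'; $value = [int]$policy }
        elseif ($null -ne $user)   { $source = 'User';        $value = [int]$user }
        else                       { $source = 'Default';     $value = 2 }

        # Only touch the per-user value; a Group Policy value must be changed in the GPO.
        if ($Fix -and $source -ne 'GroupPolicy' -and $value -notin @(3, 4)) {
            if (-not (Test-Path $userKey)) { New-Item -Path $userKey | Out-Null }
            New-ItemProperty -Path $userKey -Name VBAWarnings -Value 3 `
                -PropertyType DWord -Force | Out-Null
            $source = 'User (fixed)'; $value = 3
        }

        [pscustomobject]@{
            Office    = $version
            App       = $app
            Source    = $source
            Setting   = $meaning[$value]
            Compliant = $value -in @(3, 4)   # 4 is stricter than the setting chosen above
        }
    }
}
```

Run it without arguments to report the effective setting per application, or with `-Fix` to set the per-user value to "Disable all macros except digitally signed macros" where no Group Policy value is in force.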
For further information about how to protect your important and priceless data, contact a member of our OC Cloud9 technical team at (949) 699-6619. For a detailed look at exactly what happens to a system infected with the Locky Crypto-Ransomware, please see BleepingComputer.com’s article.