Locky Ransom Virus Update – What you need to know and do
Locky Ransom Virus is being pushed aggressively through spam email campaigns. The virus has the reputation of being the biggest IT threat of 2016 so far. Its aggressive global spread through spam emails and compromised websites is leaving top security companies such as Sophos, Norton, Trend and McAfee scrambling to respond.
The emails often look legitimate, but as soon as an attachment or link is opened the virus starts to download. These email campaigns are not easily detected – they have no fixed pattern and frequently change format and strategy.
“Symantec (supplier of leading anti-virus software) reported that in just 2 days they blocked more than 5 million spam emails associated with Locky.”
WHAT YOU CAN DO
EDUCATE all staff and users about what Locky is, how the virus operates and what to look out for.
APPOINT AN IN-HOUSE CHAMPION to monitor incoming mail, particularly if you have Mailmarshal running in your office. As security policies are tightened it is inevitable that some legitimate mail will be blocked along with the spam. It is better to have someone educated on what to look for to filter these, rather than leaving it totally up to individual end users.
BACKUP REGULARLY AND TEST YOUR BACKUPS to ensure the data you need can be restored reliably. If you are an ITS customer who has regular onsite network maintenance appointments, this will be covered as part of your maintenance.
DON’T ENABLE…OR DISABLE MACROS in documents received via email. Microsoft turned off auto-execution of macros as a default setting many years ago as a security measure. A lot of malware infections rely on persuading you to turn these disabled macros back on. Don’t do it!
BE CAUTIOUS AND VIGILANT about unsolicited emails and attachments. The Locky virus relies on you opening a document or link before you are aware it could be dangerous. It is better to be overly cautious than pay the hefty price of infection.
RESTRICT USER RIGHTS / ADMINISTRATOR ACCESS and do not stay logged in longer than strictly necessary. Ensure users do not have more log-in and user rights than they need and try to avoid browsing, opening documents or other “regular work” on an account with admin rights.
PATCH EARLY AND OFTEN. Not all malware arrives via email and/or document macros. Some relies on security holes and bugs, which are only preventable by keeping your system, software and antivirus up to date. If you are an ITS customer who has regular onsite network maintenance appointments, this will be covered as part of the maintenance.
RESTRICT WRITE PERMISSIONS on file servers as much as possible and ensure only users who require the permissions are granted them.
USE ADVANCED ENDPOINT PROTECTION that can identify new malware variants and detect malicious traffic.
USE WEB AND EMAIL PROTECTION to block access to malicious websites and scan all downloads.
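The advice above on macros and on having someone monitor incoming mail can be supported by an automated first pass. The Python below is an added example, not part of the original article or of any mail product named in it: it flags attachments that contain a VBA macro project, or that use a macro-capable format, so they can be held for review. The function names, verdict labels and sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # legacy .doc/.xls container
MACRO_EXTS = (".docm", ".xlsm", ".pptm", ".dotm")

def classify_attachment(name, data):
    """Return 'macro', 'review' or 'ok' for one attachment (hypothetical labels)."""
    if data.startswith(b"PK"):                   # modern Office files are ZIP archives
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                members = [m.lower() for m in zf.namelist()]
        except zipfile.BadZipFile:
            return "review"                      # looks like a ZIP but will not open
        # A VBA project is stored as vbaProject.bin, whatever the file is named.
        if any(m.endswith("vbaproject.bin") for m in members):
            return "macro"
    # Old binary formats and macro-enabled extensions cannot be cleared here.
    if data.startswith(OLE_MAGIC) or (name or "").lower().endswith(MACRO_EXTS):
        return "review"
    return "ok"

def triage(raw_message):
    """Map each attachment filename in a raw email message to a verdict."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    return {p.get_filename(): classify_attachment(p.get_filename(),
                                                  p.get_payload(decode=True) or b"")
            for p in msg.iter_attachments()}

def _zip_bytes(members):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in members:
            zf.writestr(name, b"constructed placeholder")
    return buf.getvalue()

def build_sample_message():
    """Constructed sample email; attachments hold harmless placeholder bytes."""
    msg = EmailMessage()
    msg.set_content("Please see attached.")
    samples = {"invoice.docx": _zip_bytes(["word/document.xml", "word/vbaProject.bin"]),
               "minutes.docx": _zip_bytes(["word/document.xml"]),
               "report.doc": OLE_MAGIC + b"\x00" * 16}
    for filename, payload in samples.items():
        msg.add_attachment(payload, maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()
```

Calling triage(build_sample_message()) marks invoice.docx as "macro" even though its extension claims a macro-free format, which is the case a filename-only rule misses.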
WHAT CAN WE / YOUR IT PROVIDER DO
EDUCATE: Meet with you and your staff to explain the risks and provide useful user information to mitigate risks in the workplace.
TRAIN: Equip in-house managers with information and tools to assist with daily mail management.
AUDIT: Backup procedures and systems to ensure they meet minimum standards and minimise risk.
AUDIT PASSWORD/LOGINS AND NETWORK/ADMINISTRATION ACCESS: To minimise and tighten up potential security risks.
SCHEDULE REGULAR NETWORK MAINTENANCE: Ensuring all checks and measures are in place.
RECOMMEND BEST ENDPOINT PROTECTION OPTIONS: Based on business needs and budgets. We advise on and help configure the software to meet your specific business needs while ensuring the protection required.
DO YOU NEED HELP WITH MANAGING LOCKY VIRUS RISKS?
We are an Auckland-based company delivering technical IT services and advice to businesses. We specialise in total IT technology solutions, including design, development, implementation and support of business networks, applications, systems integrations, and management and maintenance, including cloud-based services. We can help you to manage the risk of Locky Ransom Virus. Get in touch today!