Last week, a new ransomware variant called Locky began spreading in the wild.
Locky encrypts data on an infected system using AES encryption, and then leaves a blackmail letter (which is localized in several languages) asking for half a bitcoin to get your data back. More disturbingly, it also searches for any network share (not just mapped shares), and encrypts data on those remote shares as well. If you leverage cloud storage solutions, your backup may get infected as well when it synchronizes the encrypted files. Currently, researchers have not found a way to decrypt files Locky has locked.
The number of ransomware incidents has exploded in the last few years, infecting hundreds of thousands of systems worldwide. Ransomware is malware that’s designed to hold your data hostage unless you pay up. Wait too long —or try to rescue it — and that data can be gone for good.
To protect your network and computers from ransomware and other malicious malware, be sure to first perform these fundamental tasks:
Backup and recovery
Segment BYOD (Bring Your Own Devices) from main network
Run antivirus software on clients
Is Your Firebox Ready to Block Ransomware?
Follow these steps to defend your network from malicious malware.
Make sure the signatures for Gateway AntiVirus, IPS, and Application Control are up to date.