Locky Virus hits 9 Out of 10 UK Businesses

Locky Virus hits 9 Out of 10 UK Businesses

Tags : 

VirusLast week we were alerted by one of our clients that they suspected a virus was on their computer. And this week we have been contacted by another of our clients about suspicious activity. In both cases we visited the client to find out exactly what was going on. We found that the problem was a type of virus called ransom-ware.  Ransom-ware encrypts documents and files and then demands a payment to decrypt them. Usually the detailed instructions require the payment to be made over the TOR network in order to hide the criminals identity.

Cyber security remains a real issue for small businesses!

Security firms are warning about a sudden ”Huge” surge in junk mail messages containing ransom-ware. The surge is being blamed on the group behind a novel strain of ransom-ware called Locky. Locky encrypts data on an infected machine and then asks for a payment before a decryption key will be provided. Currently Locky asks for 3 bitcoins (approximately £885) as payment.

We recommend that under no circumstance should you make the payment as there is no guarantee that your data will be decrypted and if you make a payment you may be targeted again.

For both of our clients the ransom-ware managed to encrypt files in a shared area on the network preventing any user from accessing data thus halting work. The action we took was to disconnect all devices from the network and then to scan them with a malware removal tool. After scanning we used one of the regular back-ups that we configured for the client to restore all the data.

Further investigations to determine how this issue occurred were made in order to prevent it from happening again. We managed to pinpoint the breach to an email attachment that was opened by a user in Microsoft Word, which then asked the user to activate macros. Once macros are activated the virus application executes and begins encrypting anything it can get access to on the local computer and the network.

So please NEVER open attachments from a source that you can not trust!

If you would like further advice on virus protection then click here or alternately give us a call on 0845 319 4887* to talk to one of our friendly technicians.

* Calls will cost 5p per minute plus your phone company’s access charge.

Smarter Technologies Ltd, Unit 1 Broadfield Industrial Estate, Seymour Street, Heywood, OL10 3AJ | Company No.: 07172781 | VAT No.: 794 7491 68

%d bloggers like this: