BEWARE – CRYPTOWALL RANSOMWARE

0057cryptowallhero

Hang on to this post for the next 12-24 months to see if I am right or wrong. In the very near future, I believe ransomware attacks will increase and will likely be the number 1 type of attack, especially when it comes to the home computer user. The nastiest ransomware virus right now is called CryptoWall.

What is ransomware? Ransomware is when your computer is infected by a virus that hijacks\ takes your files hostage.  All of your files (spreadsheets, documents, presentations, pictures, and PDF files) are encrypted. You can’t open and read encrypted files, unless you have the key. The person with the key is the bad who infected your computer. He will gladly give you the key, but only AFTER you pay the ransom amount. The initial ransom amount is usually $500 and you have 3 days to pay it. If you don’t pay within the 3 days, the amount goes up to $1,000.

A few years ago many ransomware infections were not real. It appeared that your files were encrypted, but they were not. This type of infection happened to a close friend of mine 2 years ago. All I had to do was carefully close all of the windows that were open on his computer and then remove the ransomware software using the standard ADD\Remove feature built into Windows. That is no longer the case. Now ransomware like CryptoWall truly does encrypt (scramble) your files, and not just with basic encryption. Today’s ransomware uses some of best (toughest or impossible to crack) encryption algorithms available.

HOW DO YOU GET INFECTED?

We have all been told to be very careful when opening attachments, even from people we know. Well a growing number of people don’t seem to be listening. The majority of CryptoWall infections happen after people open infected email attachments, mostly malicious PDF files.

HOW DO YOU KNOW IF YOU ARE INFECTED?

When you open any encrypted file, the proper program (Word, Excel, Adobe Reader, etc.) will run, but the file will only display a bunch of garbage. A web browser will open CryptoWall’s instruction file. You will see a message letting you know that you have been infected and how much you need to pay in order to get your files back and step-by-step instructions on how to pay.

WHAT CAN YOU DO TO PROTECT YOURSELF

Be very leery when clicking on attachments, especially from people you don’t know.

Download the attachment first and then scan it for viruses before you open it.

Use a good antivirus program and keep it updated.

Consistently backup your files…to another location other than the hard drive of your computer.

Some CryptoWall infections happen simply by visiting an infected website. I use MYWOT to let me know what sites may be infected before I click on them.

WHY I THINK RANSOMWARE ATTACKS WILL INCREASE

Technology crooks in many ways are no different than their non-technical counterparts; they go after the “low hanging fruit,” the easy target. Typically businesses, governments and organizations will have the money, time and staff to protect their digital assets. The crooks will focus on the everyday consumer.

Also more consumer products will be connected to the Internet (have you heard of The Internet of  Everything) that will not be properly protected. The more poorly protected devices you connect to the Internet, the more attack options the bad guys have…more money to be made. According to Dell SecureWorks Counter Threat Unit, the creators of CryptoWall earned $1 million dollars between March 2014 and August 2014.

 

 

John L. Jones

Advertisements

One thought on “BEWARE – CRYPTOWALL RANSOMWARE

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s