A new strain of "ransomware" is striking



cryptolockerMitch Lipka of CBS Moneywatch wrote:

"A new, "scary" strain of ransomware -- a type of malware that demands payment before allowing a computer user to access a device or network -- has been detected, according to a warning issued on Monday by the CEO of the info-tech security company.

The virus is called VirRansom and is self-replicating, according to CEO Stu Sjouwerman. The virus will infect every file it can find and demands Bitcoin in payment.

Companies should be aware that the ransomware can aggressively attack company networks, he said.

"This ransomware threat utilizes both ransomware and parasitic virus features," Sjouwerman said in a statement. "VirRansom is a full fledged virus which will spread across your network and doing a less than perfect job on the disinfection can easily lead to reinfection of your whole network."

Such parasitic viruses are particularly insidious, he said, and difficult for antivirus companies to keep up with.

Here's what he recommends to help deal with such attacks:

1. Test the restore function of your backups and make sure it works, and have a full set of backups offsite.

2. Start thinking about asynchronous real-time backups so you can restore files with a few mouse clicks. [Another way is cloud-backup that has the all-important versioning feature which saves earlier versions of your files]

3. Get rid of mapped drives and use UNC (universal naming convention) links for shared folders [if you are in a network].

4. Look into Whitelisting software that only allows known-good executables to run.

5. Update or enforce security policy best practices, such as thorough security awareness training to prevent these types of infections to begin with because the infection vector is your end-user opening up an attachment or clicking on a link.

Find out how affordable this is for your organization:

Get A Quote Now

 

 

 

 


 

 




Subscribe To Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews