By Russ Levanway, CEO
A virus as menacing as it sounds
A couple years ago a new virus emerged called “CryptoLocker”. This nefarious virus is classified as ‘ransomware’; It infects computers by encrypting the files, offloading the encryption key, and holding the files ransom for a fee made payable to CryptoLocker’s authors.
Many people without backups have paid the ransom out of desperation, and those behind the CryptoLocker attack often (but not always) returned decrypted files. No one knows exactly how much they have extorted but reports have pegged it at over $30 million.
About a year and a half ago, we rolled out something called OpenDNS, a security umbrella around our clients’ networks. In addition to this umbrella, firewalls protect the network boundaries of our clients systems, as do email gateways designed to scrub email of possible viruses. Soon after deployment of OpenDNS, the amount of viruses and spyware infecting client computers decreased nearly 50 percent.
No rest for the wicked
Viruses continue to become increasingly sophisticated, and thus the rate of infections has crept up again. Variants of ransomware related to CryptoLocker (such as CryptoWall) have continued to change and adapt ahead of antivirus software and OpenDNS.
The latest tool to combat these sophisticated viruses is something called file system journaling. The journaling function records and remembers the before and after state of each change made to files on a computer. This means even if a virus is not detected as being a virus, any changes it makes can be rolled back. We have begun the process of deploying this solution to many of our clients systems as another layer of protection.
We as an IT provider have a responsibility to innovate from a technology standpoint to meet the ever evolving challenges malware presents, but there is one simple way you can set up a first line of defense: Adopt an attitude of healthy suspicion concerning anything that enters your system.
How to turn up the volume up on your healthy suspicion:
- When you receive an unexpected email from someone you don’t know, or it contains an attachment that’s very vague, don’t open it. Instead, send it to your IT provider to verify.
- If you receive an email with a link to a website in it, hover your mouse over the link. If the real link doesn’t match that of the link in the email, don’t click on it, and again, send it along to your IT provider to have a look.
It’s important for everyone, IT providers and users of technology alike, to continue to recognize how prevalent viruses are and understand what can be done to stay agile and vigilant in a rapidly changing security landscape.