This new "Locky" virus encrypts files on your local computer and network shared folders like previous versions of Crypto. However, it now has the ability to encrypt files on network resources which aren't mapped to your computer. This will make it harder to restore data if proper backups aren't in place.
Although this virus is new, it's being spread at an alarming rate. Currently, the virus is being spread by email with fake Word attachments. Emails will have a subject similar to: ATTN: Invoice J-98223146 and will appear to have invoices attached. When the user opens the Word document, they will be prompted to run "macros" which will infect the machine and begin encrypting files.
What can you do?
- Educate your users - feel free to forward this blog post and instruct users to *not* run Word macros from unknown email senders. If you're a managed client, we'll be happy to schedule Cyber Security Awareness training with your staff.
- Multiple layers of security - we always recommend a managed firewall with built-in antivirus in addition to antivirus AND antimalware software on your desktops and laptops.
- Backups - make sure you have a current backup running onsite and offsite. Make sure this backup has been tested recently.