Locky Ransomware Infection is hitting end users!

19 February, 2016


There is a nasty new ransomware infection called Locky that is currently running rampant. This malicious infection is being transmitted by Word documents attached to an email purporting to be an invoice. Check out the following articles and share them with your lawyers and staff to advise them how they are being targeted and how to avoid opening one of these emails. The articles include samples of the message and other important information.




Once you are infected, the only way to resolve it is to either 1) pay the ransom or 2) restore from a backup. This new infection even targets shared network resources that are not mapped to a drive letter! If you are using Dropbox, OneDrive, Google Drive or a similar service, this infection may strike those storage locations as well. If you are using a real-time backup that is continuously backing up your data 24/7, it could also be at risk. You need to have a backup that is offline (remember, you should be rotating your backup media regularly). It is imperative that you have a backup of your critical data and documents that is not stored in one of these locations, preferably on a separate drive.

These emails have been hitting local email servers, so it is in the wild. Currently, many anti-virus/anti-malware services are not catching this, so you need to be extremely vigilant. If you are concerned that you may have been hit by this infection, please contact your IT provider immediately.

