CryptoWall 2.0 has hit several dental offices in Jacksonville recently. This ransomware program was first detected in early October and disguises itself as PDF attachment files appearing to be invoices, bills, complaints, or other business communications. Once you double click the attachments your computer is infected with CryptoWall, all files are encrypted, unrecoverable and a ransom is requested to release your files.
Once infected the installer will start to scan your computer’s drives for data files that it will encrypt. When the infection is scanning your computer it will scan all drive letters on your computer includingremovable drives, network shares, or even DropBox mappings. In summary, if there is a drive letter on your computer it will be scanned for data files by CryptoWall.
So how do you protect yourself from this threat?
- A Firewall. This is responsible for locking down your network perimeter. With a proper subscription, you can guard against threats by blocking countries or regions, blocking file types, and known malicious websites. The subscription list is updated constantly as new threats are found.
- Anti-Virus. With proper subscriptions and updates, you can protect and quarantine threats that are run at the local PC.
- Do not open files from an unknown sender. When you open files from untrusted or unknown senders you may be unknowingly downloading malicious content. Better safe than sorry when receiving emails from someone you don’t know.
- Avoid clicking links from a non-trusted sender. This falls in line with the above but sometimes you will receive emails that appear to be from trusted sources so you click links inside the emails. Be on alert as to unexpected correspondence. Where you anticipating an email from that source? If not it is best to contact that person before opening an attachment.
What do I do if I suspect I have been attacked by this ransomware program?
Contact us. We have experience with these ransomware programs and can assist in recovering files and isolating and removing the threat. However, this process is much easier if you have proper firewalls, malware protection, and backups in place before the ransomware hits. “An ounce of prevention, is worth a pound of cure.”