Users receiving emails claiming to be company invoices and containing a Word.doc should think long and hard before opening them.
Hackers are carrying out sophisticated social engineering techniques and luring victims into installing a destructive new ransomware deemed Locky that is said to be spreading at a rate of 4,000 new infections per hour.
Locky typically spreads by tricking users into opening a Word attachment sent to them through Microsoft 365 or Outlook, disguising the attached file as a company invoice. Victims are then encouraged to enable Macros, which downloads a malicious executable that encrypts all files on the compromised system as well as the network.
Locky ransomware impacts nearly all file formats and encrypts all files & replaces the filename with a .locky extension. Once the files are encrypted, the ransomware displays a glooming message that instructs victims to download Tor and visit the attacker’s website for further instruction. Locky victims are being asked to pay between .5 and 2 Bitcoins ($208 and $800) to receive the decryption key.
This ransomware also has the ability to encrypt your network-based backed files, so it’s a good idea to store important files in a third party storage as a backup plan to evade future ransomware attacks.
What’s interesting about this catastrophic ransomware is that it’s being translated into many different languages, allowing hackers to go beyond English boundaries and cash in on as many victims as possible. Among the highest rate of infected users includes Germany, Netherlands, U.S., Croatia, Saudi Arabia, Mexico, Poland, Argentina, and Serbia.
Protecting against malicious malware can be a daunting task, but securing a company's digital doors should be of top importance for all organizations. Falling for suspicious emails is one of the easiest ways a hacker can infiltrate your IT system so user education, SPAM blockers, anti-virus tools, and other security applications can help prevent employees from falling victim.
With anti-virus tools only covering the bare surface, it’s important to implement a layered security approach to your IT estate. By working with NNT, your organization will be able to adopt a ‘layered and integrated approach’ to security that incorporates the right process, methodology and set of tools in order to guard your IT environment against today’s ever-evolving threat landscape.
With NNT's Change Tracker Gen7, your organization will come equipped with intelligent file integrity monitoring, compliance management, system hardening, threat intelligence & security configuration management all powered by Intelligent Closed-Loop Intelligent Change Control, all working to make your IT estate as secure and compliant as possible.