Issue: A new ransom-ware, Locky, is up and about, crawling the Internet for the next prey. It is brilliant. It’s persistent. And it won’t go without taking some of your money.
Locky virus encrypts your computer files (rendering them unreadable). It then demands a ransom from you [the victim] to your files back. OR to get the decryption key.
Fact: The attack vector is simple and the usual approach: If you are a target, you will receive an email with a subject line that goes like: “ATTN: Invoice J-98223146”. A word document is attached. Sometimes the file is a .zip file, which has a word or excel document. You may be wondering how would hackers get your email address? Whenever you download a software or register on-line on sites that are not legit, you leave your email. It may be harvested and used for such purposes. It is critical you become careful where you leave your email. Once you click on the email in the attachment, a new document will open which looks unclear. The document will ask you to “enable Macros.” If you click enable, that will be your end. As you enable the macros, in the background, Locky will install in your computer and all your documents will be encrypted. After which, a message will appear asking for a ransom so as to get your files back. That could be a cool US$500 plus!!!
Fiction: No one is 100% secure. Locky is very genius. You may delete the email on the first attempt. However, on the second attempt, you may end up accidentally installing it.
Fix: Train all your staff. Keep your anti-virus definitions up to date. Do not use predictable email nomenclature. Ask your staff to avoid using company emails to register on any website online. Do not give average users Admin accounts. And do not connect critical servers to the Internet
