Strategic Group Blog

Everything you need to know about IT and technology

Written by Emily Gam
on November 12, 2015

It’s not only the rich and powerful who need to be vigilant against ransom demands, you do too!

The latest version of CryptoWall ransomware has gone viral and it’s nastier and smarter than ever. The 4th version of CryptoWall has better evasion techniques and tactics to elude antivirus programs.

If you haven’t heard of ransomware before, you need to be aware of it now. Ransomware attacks your computer through infected email attachments, encrypts your files and folders, and demands ransom payments to regain access.

If you don’t make a payment by a specific deadline you are threatened with the loss of all your data, or the threat of having it published online for the world to see.

Previous CryptoWall versions began spreading here in Australia late 2014. It still uses emails to gain access to your computer but is now cloaking itself as Government Agencies. The agencies most targeted are the Australian Tax Office and Australia Post.

CryptoWall 4.0 is still using the ruse of Government Agency emails to gain access to your files but is now far harder to detect by even the best antivirus programs. It now also alters file names so you don’t know what files have been encrypted and what haven’t. This tactic is designed to confuse and panic people and increases CryptoWall’s ‘success’ rate.

We have had success with retrieving and unlocking files encrypted by CryptoLocker but prevention is still the most effective defence against this type of ransomware.

To help prevent this happening to your business we recommend you and your staff:

tickRefrain from visiting social media sites or clicking on links in them whilst using any corporate machines, especially on a terminal server

tickRefrain from previewing and reading personal email sites whilst on corporate machines, especially on a terminal server

tickTurn off preview mode in Outlook, and do not open any emails that are from an unexpected/unknown source, delete them, especially if the subject is “Important Documents” or something similar – if you do manage to open one of these emails do NOT click on any “Click Here” icons or Internet links in the body of the emails

tickIf you have a warning message popup saying your files have been encrypted and demanding payment, or if you are unable to open an office document in your home folder or on one of your network drives – please stop what you are doing and contact your IT provider our reach out to our team

We also recommend following some of the main Government Agencies (ATO, Australia Post) on social media as they will advise people if they become aware of any scams being sent from fake Government email addresses.

CryptoWall really is a wolf in sheep’s clothing, and trust us, you don’t want to get bitten!

If you’re worried about the online security of your business, check out our Virtual CIO service:

Disaster Recovery Plan Template

  Disaster Recovery Plan

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:

News Security

65% of Aus business impacted by security breaches in 2018

The latest Security Report from Telstra confirms what we’ve all been feeling, malicious emails are on the rise and ranso...


DTA looks to appoint CIO - why you should too

The Government’s Digital Transformation Agency (DTA) has begun its search for its inaugural Chief Information Officer (C...


What is 5G and when is it available in Australia?

This year seems to be the year of the mobile phone hype. We’ve already blogged about foldable phones and how they can be...