Protect Yourself From The Cryptowall Malware

There is an extremely dangerous form of Malware going around right now called Cryptowall.  Don’t let yourself be the next victim.

cryptowall

Long Story Short

This is a really bad virus/malware.  It spreads by “tricking” victims to open a .pdf attachment in an email, or by a victim clicking on an advertisement or a link while on a web page.  Because most antivirus products don’t know how to guard against it at the current time, it is spreading rather quickly.  Once infected, it will “encrypt” data on your computer including making your EMR and/or billing data useless.  The two best protections against this malware is to (1) exercise safe computing habits by not opening any email attachments unless you are confident you know the source, and (2) make and keep regular backups of your data.  Whenever you made your last backup of your computer, if you get infected by the virus then you can restore your backup to get all of your files back.

For more details….read on.

What is CryptoWall?

CtyptoWall, commonly referred to as RansomWare, is a Trojan Horse that encrypts files on the compromised computer as well as any mapped network drives.  It then asks the victim to pay a random in order to have the files decrypted (restored).

This malware uses innovative ways to propogate itself such as using ads on websites that take advantage of vulnerabilities in browsers and unpatched plug-ins.  It has also disguised itself in PDF attachments within emails.  Unfortunately, many current Antivirus products are not protecting computers from this recent threat because of how new it is and because of how sophisticated it is.

Some of the websites that had been showing these virus infested advertisements were big websites like Yahoo, AOL and Match.com.  Visit this blog post to learn more about the details of all this.

What To Do If You Get Hit By This Virus

If this CryptoWall malware gets on your computer, there isn’t anybody out there that knows how to remove these corrupt files and then restore all of your files.  The virus is so sophisticated that nobody knows how to fix it.

If this gets onto your computer then the structure and data within your files and folders have been irrevocably changed.  You will not be able to open the files or view them or see them in any way.

The following three files will be generated on your computer after your system has been infected.  These files provide instructions on how to recover the files on your computer by visiting a website and paying a certain dollar amount (the ransom fee).

  • DECRYPT_INSTRUCTION.TXT
  • DECRYPT_INSTRUCTION.HTML
  • DECRYPT_INSTRUCTION.URL

You could pay the ransom to the criminals, but there is no guarantee that they will restore your computer back to normal.  There are reports that victims are paying the ransom and then their computer gets restored, but that isn’t always the case.

Start Backing Up Your Valuable Data Immediately!

Your only other option is that you make sure that your server and your network and your computers are being backed up.  If you have backups of your system being done, then you can recover your data.  For example if you have been paying AZCOMP for our cloud backup services, your data will get backed up every night.  If you get hit by this virus, then we can restore your backup for you and restore your computer to the way it was before you got the virus and problem solved.  If you do not have a backup, then you are as they say, up a creek without a paddle.  If you want us to start backing up your data, you can get more information here and sign up for the service.

We also have other back up options called a Back-Up and Disaster Recovery Server.  Depending on your practice and your network, this might be a better option for you than the standard Cloud Backup system that we offer.

What You Can Do To Help Prevent From Getting This Virus

Keep you and you company protected by following the guidelines here.  Since this is going undetected by many Anti-virus products, the best defense is to practice good internet usage techniques.  This includes things like:

  1. Do not open email attachments from someone unless you are expecting them.
  2. Hover over an email-address in order to confirm that it is coming from a valid and recognized domain.
  3. Do not click on website advertisements.
  4. Do not visit questionable websites.

In addition, although many Antivirus products are still not catching this threat, it is still advised to have a current Antivirus product installed.  In addition, keeping computers up to date with Microsoft Patches and third-party add-ons for your browser, such as Adobe Flash and Java will help prevent this virus.

Remember- Think before you click; exercise safe internet browsing; get virus protection and always backup your data!

In the past couple of weeks, we have had 3 of our own customers infected with this terrible malware.  2 of our customers are on our backup product and we were able to restore their systems and all is good.  One of our customers did not have a backup of their system and we were not able to help them.  Don’t get caught in the same mess that they are in now – start backing up your data!