AIS Tech Bulletin – Cryptolocker Advisory

06 Apr

AIS Tech Bulletin – Cryptolocker Advisory

By Staff 0 Comments

 

 AIS TECHNICAL BULLETIN  
 

Date: 06 April 2015

CIS/MS-ISAC ADVISORY NUMBER: n/a
DATE(S) ISSUED: 06 APRIL 2015

SUBJECT: Cryptolocker Advisory

EXECUTIVE SUMMARY:
Ransom Cryptolocker is a ransomware that on execution locks the user’s system, thereby leaving the system in an unusable state. It also encrypts the list of file types present in the user’s system. The compromised user has to pay the attacker with a ransom to unlock the system and to get the files decrypted.

For detailed information regarding this threat, please read the following Advisory from McAfee

THREAT INTELLIGENCE:
McAfee Corporation

SYSTEM AFFECTED: 

• All Microsoft Operating Systems

RISK: 
Government:
• Large and medium government entities: High
• Small government entities: High
Businesses:
• Large and medium business entities: High
• Small business entities: High
• Home users: High

SUMMARY:
This bulletin is intended to provide a summary of current intelligence and best practices to ensure the highest level of protection. AIS offers a full range of strategic and technical consulting services that can further help to ensure you identify security risk and build effective solutions to remediate security vulnerabilities.

RECOMMENDATIONS: 
We recommend the following actions be taken:
・  If you do not have Managed Anti-Virus/Anti-Malware protection it is recommended that you Contact AIS.
・  Instruct users to not open unknown or unsolicited attachments.
・  Ensure Microsoft Office Security policies for macros are set to High or Very High
・  Ensure there are no allow list policies that exempt .doc/.docx attachments from spam/AV scanning
・  Do not visit untrusted websites or follow links provided by unknown or untrusted sources.
・  Do not open email attachments from unknown or untrusted sources.

NOTE: AIS Managed Services clients with Managed Anti-Virus/Anti-Malware do not need to take any action as this issue has already been remediated. For more information on AIS Managed Services, please contact AIS or call toll-free: (844) AIS-LABS (247-5227)

REFERENCES: 
http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware/

Copyright © 2015 AIS Labs, All rights reserved.

 

Share this post

Author

Staff

Staff

Leave a comment

Your email address will not be published.