If you have Velox Hosted email, you may notice some disruption in service Friday night 4/22/16 from 10:00 PM – 6:00 AM. Please make necessary plans to work around this event. We apologize for any inconvenience this may cause you.
Our engineers will be adding hardware and modifying the network backbone in our hosted facility to improve performance and dependability of our hosted environment. Our Email server is the most widely used service out of this data center, but we will also offer data storage, remote backup, and remote work space services in the near future.
Thank you for your patience as we make improvements to serve our customers better.
NBC and several other news organizations reported Wednesday in an article about an encryption virus that has hit several U.S. Hospitals and crippled them so much so that they are seeking to pay the perpetrators to unlock their data. This is a staggering reality that saddens and angers me as an IT security professional.
What is an encryption virus?
Cyber attackers have developed a virus that will silently work through all common documents contained on your hard drive and encrypt them beyond recognition. Basically this means that all the 1’s and 0’s that make up your document files are scrambled according to a complex equation that makes reordering them almost impossible without a unique code. Once this process is complete and all your data is scrambled, you’re notified of this and asked to provide a sum of money to get the code to unscramble your data. There is typically a timeframe of 48 hours or something before the code is lost for good.
What can you do to prevent this?
Like any cyber attack, it usually requires you to open something. Be very careful of what emails you’re opening, or what windows you respond to on the Internet. As noted in the NBC article above, viruses usually hide themselves as PDF’s in emails posing as invoices. Many people think invoices are important and will often open them without question.
What can you do once infected?
Once this data is encrypted there is really no hope of unscrambling it. Your options are to pay the ransom, or in the best case retrieve the data from backup and tell the cyber attackers to bug off. I recommend the latter.
How should I respond.
The article above is saddening for two reasons. 1: Because of the devastation caused for everyone involved in cleaning up the mess. The panic, the anger, the loss of time and money are all things that organization, especially hospitals, don’t need to suffer. 2: because the hospitals in the article are considering paying the ransom. This is funding terrorism and furthering the research and development by cyber attackers for more sophisticated attacks. If no one paid, the hours of development and administration that goes into supporting this kind of cyber-criminal activity would be useless and these programmers would move on. But some people pay large sums of money because they panic, and they didn’t have a plan when the attack hit.
We come across encryption viruses every so often on a business network. So far we have had our customers critical and server shared data back within the hour. We then take the desktop or laptop that was infected and totally rebuild it for the person to have them back up and running in a safe environment within 24 hours. At Velox Systems, we spend a lot of time and energy making sure our customers have good backups at several points throughout the day so we know that if the unthinkable happened, we can get our customer back up and running in a reasonable time to sustain business.
Several customers have reported getting an email containing a Dropbox link. These emails are coming from people they know. This is likely a result of the senders email being hacked and used to send malicious email to the victim’s address book on behalf of the spammer.
Two things you need to watch out for:
- Be very cautious opening an email containing a link to Dropbox. This is a common means of getting you to download malicious software
- Don’t be a victim of this kind of attack! Ensure your email password is complex for services such as Gmail, Microsoft email, Hotmail, etc. Check out our post on password security published last year: PASSWORDS EXPLAINED – WHY SHOULD MY PASSWORDS BE COMPLEX?