Managed IT Support Tips: Avoiding Ransomware

Be wary of emails containing invoices that masquerade as Microsoft Word documents, because they may contain ransomware. Having a managed IT support team that can help filter emails can make a world of difference in keeping your business data safe and secure from cyber criminals.

A seemingly innocent Word file can bring a big headache and an even bigger loss in profits if the malware or ransomware cripples your IT systems. The digital deviants are also using social engineering hoaxes with attention-catching subject lines on compromised websites and in spam emails to lure people into opening files that carry the ransomware called “Locky”, which latches on and multiplies in their IT system. Without a dependable managed IT support group doing 24/7 monitoring, you could easily get infected and see files with the .locky extension being shared on your business network. There would be no other alternative but to pay the hefty ransom and rebuild your computers from scratch. The ransomware is spreading at an alarming rate of 4000 newly infected machines per hour. Do not become one of the unlucky 100,000 who fall prey to these cyber criminals each day!

Do you remember the macro problems of the late 90s? Well, it is hard to fathom, but they are unfortunately back in fashion in this advanced technological age. A lone MS Word file could compromise your entire system if you enable “Macros.”

It is quite hard to swallow that, in this day and age of digital advancements, a lone MS Word document could jeopardize your business system if you enable “Macros.” Cyber attackers distribute the ransomware via Outlook or Microsoft 365, and it is often masked as an invoice attachment in the email. The Word file is embedded with diabolical macro functions. If you have been using MS Office since the 90s, you might recognize the message “Warning: This document contains macros.” If you encounter it again today, do not click on allow, and notify your managed IT support team immediately.

When a user clicks and opens a malevolent MS Word file, the document gets automatically downloaded to their system. Again, if you mistakenly click or download a malicious Word file, contact your managed IT support team immediately to mitigate whatever damage this may cause to your business network. The real danger occurs when somebody opens a Word file that has scrambled content and a notification pops up saying that they need to “enable macros” to view the file contents. If a user enables the malicious macro, it downloads a .exe file from the cyber attacker’s server and automatically runs it. The executable Locky ransomware file will then start to encrypt all the business data on the computer, multiply, and do the same across the business network. By then, it would be too late for your managed IT support group to save that computer and all the other files that were encrypted.
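One check an email filter can apply before such an invoice reaches a user, shown as an added example that is not part of the original article: flag attachments that carry VBA macros by inspecting file contents rather than trusting the extension. The function names and the sample message are constructed for illustration, and the legacy `.doc` check is a byte-search heuristic, not a full OLE parser.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .doc container signature
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # stream name stored when VBA is present

def has_macros(data: bytes) -> bool:
    """Judge by content, not file extension, whether an Office file carries VBA."""
    if data.startswith(OLE_MAGIC):
        # Heuristic (assumption): OLE directory names are UTF-16LE, so search for one.
        return VBA_STREAM in data
    if data.startswith(b"PK"):  # .docx/.docm are ZIP archives
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
        except zipfile.BadZipFile:
            return False
    return False

def risky_attachments(raw_email: bytes) -> list:
    """Return the filenames of attachments that appear to contain macros."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    return [part.get_filename() or "(unnamed)"
            for part in msg.iter_attachments()
            if has_macros(part.get_payload(decode=True) or b"")]

def sample_email() -> bytes:
    """Constructed sample: an 'invoice' mail with three harmless placeholder files."""
    def ooxml(with_vba: bool) -> bytes:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as z:
            z.writestr("word/document.xml", "<w:document/>")
            if with_vba:
                z.writestr("word/vbaProject.bin", b"placeholder, no real macro")
        return buf.getvalue()
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = "Invoice", "a@example.com", "b@example.com"
    msg.set_content("Please see the attached invoice.")
    files = {"invoice_0001.docm": ooxml(True), "notes.docx": ooxml(False),
             "invoice_0002.doc": OLE_MAGIC + bytes(64) + VBA_STREAM}
    for name, data in files.items():
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(risky_attachments(sample_email()))
```

Flagged messages can be quarantined for review instead of delivered, so the user never sees the “enable macros” prompt.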

Ransomware, especially Locky, encrypts all files, affects most file formats, and renames the files with a “.locky” extension. After your files have been encrypted, the malware will display a message giving instructions on how to regain access to your business data and systems. This could come in the form of an invitation to visit the cyber criminal’s website or to download their TOR (and yes, I am chuckling at the thought of the hacker Terms Of Service too) for pertinent instructions on payment and file or system recovery. You would not want to be in this disturbing position, so it is best to get in touch with a capable managed IT support team if you have not taken measures to protect and secure a backup of your business IT systems. Tens of thousands of businesses in Australia were victimised by ransomware in the past year. There was even a hospital in the USA which had no choice but to pay the ransom to protect its patients’ information.

A dependable managed IT support group would also know that Locky can encrypt network-based backup files, so it is best to have important business information backed up on a cloud server or on a physical server that is not connected to the network. The ransomware has been translated into other languages, so it is spreading worldwide. Most Australian managed IT support groups are on high alert for these kinds of malware because of the rise in reported incidents of late. Other countries that are greatly affected include Germany, USA, Netherlands, Saudi Arabia, Croatia, Mali, Mexico, Argentina, Poland, and Serbia.