*** I M P O R T A N T I N F O R M A T I O N***
In order to assist the customers and users of CAI software and network services, we have compiled this informational document to help you better understand some of the threats against PC and networks and some of the ramifications. With one new Web page infected every 4.5 seconds, the Web is now the number one attack for cybercriminals.
Virus: A computer virus is a program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive.
Malware: Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer. Malware is a broad term that refers to a variety of malicious programs. Common types of malware; adware, bots, bugs, rootkits, spyware, trojan horse, viruses, and worms.
Ransomware: a type of malicious software designed to block access to a computer system until a sum of money is paid.
Phishing: the activity of defrauding an online account holder of financial information by posing as a legitimate company.
Scareware: malicious computer programs designed to trick a user into buying and downloading unnecessary and potentially dangerous software, such as fake antivirus protection
Spam: the electronic sending of mass unsolicited messages. The most common medium for spam is email, but it is not uncommon for spammers to use instant messages, texting, blogs, web forums, search engines, and social media.
Adware:software that displays unwanted advertisements known as malware.
There are dangerous virus/ransomwares that are hitting many customers. Even the State of Idaho Tax Commission has recently sent out communications warning users to be cautious. The virus can come in through users clicking on email attachments that are actual viruses or through attacks that utilize exploiting other avenues. The attack then installs on the system and begin to attack and go after its real payload: Your key data files such as pictures, documents, financials, memos, emails, videos, music etc.
It will often search for any Office (doc, docx, xls, xlsx, ppt, pptx), database (dbf, adb, mdb), picture (jpg, tiff, gif), adobe (pdf), video (m4a, mp4, wmv, mpg) audio (mp3, wma, aac) file and encrypt it. It will also search across a network for any file across the network that is also an Office or Database file and encrypt it as well. It often shows a message on the screen asking for payment to decrypt the files.
In our experience, when a large popup appears on your monitor screen:
DO NOT CLICK ON OR INTERACT WITH ANYTHING ON THE SCREEN!
If you see such a popup, hold the power button in on the pc until it shuts down (around 6 seconds), or just pull the power plug out of the wall or PC to shut it off. It will do much less damage than if you interact with the sometimes scary or official looking popup showing on the screen.
Once you click, move, try to close the popup etc, the payload has been delivered and the process of encrypting, destroying or otherwise wreaking havoc on your data files has begun. This is called social engineering. The hackers know you will react and want to close, move or get rid of the item on the screen, just as you normally would. They are counting on you reacting to their prompt.
Once your files are encrypted or destroyed, the only real remedy is to restore from backups, if there are any, otherwise your data is lost. Besides the loss of data, there are several DAYS of down time to the user and organization which can easily equate to thousands of dollars in loss of productivity. Not to mention the hours and days of time spent by IT staff searching for the infected files, deleting the files and restoring from backups. A simple, inadvertent, inattentive click of the mouse can cause massive damage to your data, network and company. Please be attentive while mousing and don’t get click happy!
Article by: Garn Herrick