Summary
An unprecedented combination of factors has prompted us to strongly recommend backing up not only servers, but also PC’s.
A full backup of servers and PC’s will allow the quickest recovery from a possible infection.
Problem
In the last month Cryptowall v2 has been holding companies and individuals to ransom by encrypting doc, xls, pdf, photos and other data files.
Once a PC is infected the virus will then travel around the network and infect any files it can see on servers and other PC’s.
It is impossible to clean the effects of this virus.
Only by paying a ransom in anonymous Bitcoins starting from $500US can your files be decrypted. If the ransom is not paid within a few days, the price will increase and ultimately the “decryption key” is deleted thus making decryption impossible.
Cryptowall v2 infection occurs by the usual means of clicking on unknown attachments and links in emails, surfing questionable websites and now also just by viewing mainstream websites such as Yahoo, AOL, match.com and others.
This is the dangerous part; infected advertisements on genuine websites can trigger an infection even without clicking on the ads.
Antivirus will usually (but not always) catch this mutating virus. Make sure your antivirus is up to date.
Adobe Flash is currently one of the main infection vectors, so Flash should be updated if it’s installed. (control panel>flash player>advanced>check now)
Conclusion
So the reminder is: Please backup everything at work and home, and then don’t leave the backup connected to the PC or server!
If you need a quick reminder of how to back up the whole server or PC using “image based backups” please contact us.
Please note this is not a marketing spiel, we are genuinely concerned about the havoc-causing potential of this threat.