Ransomware on the Internet is now at critical juncture
Nobody is safe from ransomware on the Internet
Due to the recent increase in the amount of ransomware on the Internet, our network security partner, Network Box, has raised its alert level to 4. So, what exactly does that mean?
Ransomware on the Internet is everywhere. Currently, there is serious malicious activity affecting Internet services globally.
New variations of delivery mechanisms for this ransomware are popping up every few hours. While most are coming in via eMail, be forewarned that using trojan downloaders to download the actual malware over HTTP/HTTPS protocol, techniques such as ad network compromise on popular HTTP/HTTPS websites are being used.
That said, please check your box configurations immediately and follow these tips from our partner.
1. The majority of this ransomware is coming in as trojan downloaders, or links, in eMails. The eMail attachment contains just a downloader, and the malware itself is downloaded using the HTTP or HTTPS protocols. Accordingly, please ensure that both eMail and web traffic are scanned.
2. Due to the common use of the SSL encrypted HTTPS protocol for this, and other malware, please also ensure you are using HTTPS scanning for desktop workstations and servers. If you are still running NBRS-3, arrange for an upgrade to NBRS-5 as soon as possible, so as to be able to protect their HTTPS traffic.
4. Often, eMail messages containing broken malware fragments will be blocked as spam. That is expected, and an effective anti-spam policy (quarantine spam messages on the box), should be enforced.
5. This is a good time to remind users NOT to open attachments in incoming eMails, even if that eMail says it is from someone they know. We suggest rechecking and reconfirming with the sender, if you are not 100% confident. Be suspicious, and be vigilant.
Malware on the Internet is everywhere right now. Please be safe and contact us if you need any assistance protecting your network.