
steve2470

(37,457 posts)
Mon Nov 9, 2015, 02:43 AM Nov 2015

Warning to all computer users: "Cryptowall 4.0: Update makes world's worst ransomware worse still"

I usually don't post alarm-ish warnings in GD, but I think this kinda deserves one. Please keep this kicked.

cross post from CHaS:

http://www.democraticunderground.com/109516043

http://www.theregister.co.uk/2015/11/09/cryptowall_40/

The fourth iteration of the world's worst ransomware Cryptowall has surfaced with gnarlier encryption tactics and better evasion tricks that have fooled current antivirus platforms.

Ransomware has ripped through scores of businesses and end-user machines in sporadic and targeted attacks that have cost victims millions of dollars in ransom payments made to criminals who have illegally encrypted valuable files.

The worst offenders remain at large including a single group who may be behind Cryptowall 3.0 and have made some US$325 million this year according to the Cyber Threat Alliance, dwarfing FBI June figures which noted it extorted some US$18 million from US victims alone in about a year.

Andra Zaharia of Denmark-based Heimdal Security says Cryptowall 4.0 is employing "vastly improved" communications and better code, so it can exploit more vulnerabilities.

more at link


Jim Lane

(11,175 posts)
2. What are best practices for dealing with this threat?
Mon Nov 9, 2015, 12:20 PM
Nov 2015

Thanks for the warning!

I assume there are steps one can take to reduce the danger of infection, and also methods of backing up that are more likely to survive the attack. If security people have any practical advice, I'd love to read it.

steve2470

(37,457 posts)
3. my understanding is that ransomware gets into computers via "social engineering" methods...
Mon Nov 9, 2015, 01:47 PM
Nov 2015

Social engineering means an email comes into an office or home and someone downloads an attachment or clicks a link in the email, and gets infected with the ransomware. So, the first step is for everyone to be extremely cautious about attachments, links and just emails in general. I don't know if the ransomware is transmitted via USB sticks and other methods.

The rest of the cybersecurity steps, I'm not so sure about. That's where the IT people on the board will have to step in.

 

Egnever

(21,506 posts)
5. Off site backups are a good way of protecting yourself
Mon Nov 9, 2015, 02:09 PM
Nov 2015

Carbonite, crashplan, or mozy are a few that come to mind.

If your files are backed up correctly this would only be an inconvenience.

 

Jim Lane

(11,175 posts)
6. I'm doing that but apparently it's not enough
Mon Nov 9, 2015, 02:25 PM
Nov 2015

I looked into Carbonite and Mozy but ended up choosing SugarSync. I no longer remember why, but I've been very pleased with it -- automatic backup whenever I change a file so no need for me to do anything, and I can retrieve my backed-up files quite easily from any computer with internet access. The one time I had some sort of issue, because of a misunderstanding on my part, I phoned and reached an actual human being who solved my problem.

OK, end of unsolicited testimonial for SugarSync, and back to ransomware -- as I understand it, one issue is that if you get infected and then there's an automatic backup, the infection can spread to your offsite backup. My impression (speaking as a nontechnical person) is that even using one of these offsite backup services might not fully protect you.

Takket

(21,571 posts)
4. my company sent this e-mail around last week... we were hit
Mon Nov 9, 2015, 01:51 PM
Nov 2015

company name removed for privacy....

In recent months, we have had multiple incidents where a computer within *** was infected by a type of virus commonly referred to as ‘Ransomware’. These infections entered our environment disguised as a Word resume attached to an email, or as a .ZIP file. The email appeared very normal but once the attachment was opened and trusted, it launched a process that once fully deployed, reached out to our file servers and started to lock all data files and make them unusable.

In light of this, we have put in place some additional security precautions on our network to help block these types of malware from entering. It should be noted that these steps cannot fully protect our environment, and each user has a responsibility to think and act carefully.

Incoming email from external sources is now being more thoroughly scanned. When an email has an attachment that is high risk (e.g. executable, script file, or suspicious attachment name), the email is not delivered to the *** recipient.

We are also scanning the contents of ZIP file attachments and will block ZIP files containing scripts or executables. ZIP files containing PDF’s, drawings, Office documents and other business related content will not be blocked.

Staff are still requested to be cautious of any emails received and DO NOT open any attachments if you are not sure who the sender is. Microsoft Word has an additional ‘Protected View’ that opens the Word attachment in a safe ‘read-only’ mode.

Be very careful when ‘trusting’ a document and turning off the ‘Protected View’. Make sure the document looks legitimate and relates to the email subject and body. As an example, if the name on the resume does not correspond to the email sender, you should be very suspicious.

Computer hackers are very creative. A recent strain of malware came into our organization with the subject line of ‘RESUME’ and with an actual resume in Microsoft Word format attached to the email. Once the attached Word file was opened and ‘Protected View’ was turned off, it ran the ransomware process that started to lock data files starting from the local machine and then spreading out to the connected file servers. The only way to recover locked data files was to restore from a previous backup.

Starting this week, we will be disabling the ability to automatically launch a ZIP attachment from inside Outlook. If you ‘double click’ to open a ZIP file from within Outlook, you will receive the following warning with instructions to be careful and save the file to disk if you trust the contents of the ZIP attachment.


In all cases, if you have any doubts on any email or attachment received, DO NOT open it – delete
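The attachment rule in the e-mail above (block ZIP files that contain scripts or executables, allow ones holding PDFs and Office documents) can be prototyped as gateway logic. This is an added example, not the company's filter or anything posted in the thread; the blocked-extension list, the nesting limit and the sample archives are assumptions, and it goes a step beyond the e-mail by recursing into nested ZIPs and refusing encrypted entries it cannot inspect.

```python
import io
import zipfile

# Extensions treated as "script or executable" for this example (assumed list).
BLOCKED_EXTENSIONS = {
    ".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".jse",
    ".vbs", ".vbe", ".wsf", ".ps1", ".hta", ".jar", ".msi",
}
MAX_DEPTH = 3  # ZIPs nested deeper than this are blocked rather than inspected


def _extension(name: str) -> str:
    """Last extension of an entry name, ignoring directories and trailing dots."""
    base = name.rsplit("/", 1)[-1].rsplit("\\", 1)[-1].rstrip(". ")
    dot = base.rfind(".")
    return base[dot:].lower() if dot >= 0 else ""


def classify_zip(data: bytes, depth: int = 0) -> tuple:
    """Return ("allow", None) or ("block", reason) for a ZIP attachment."""
    if depth > MAX_DEPTH:
        return "block", "nested ZIP exceeds depth limit"
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return "block", "not a valid ZIP file"
    for info in archive.infolist():
        if info.is_dir():
            continue
        if info.flag_bits & 0x1:  # general-purpose bit 0 = entry is encrypted
            return "block", f"encrypted entry cannot be inspected: {info.filename}"
        ext = _extension(info.filename)
        if ext in BLOCKED_EXTENSIONS:  # catches double extensions like resume.pdf.exe
            return "block", f"contains {ext} file: {info.filename}"
        if ext == ".zip":  # look inside nested archives too
            verdict = classify_zip(archive.read(info.filename), depth + 1)
            if verdict[0] == "block":
                return "block", f"inside {info.filename}: {verdict[1]}"
    return "allow", None


def build_zip(entries: dict) -> bytes:
    """Construct an in-memory ZIP from {name: bytes} for testing (sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()
```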
