|Date: 06 April 2015
CIS/MS-ISAC ADVISORY NUMBER: n/a
DATE(S) ISSUED: 06 APRIL 2015
SUBJECT: Cryptolocker Advisory
Ransom Cryptolocker is a ransomware that on execution locks the user’s system, thereby leaving the system in an unusable state. It also encrypts the list of file types present in the user’s system. The compromised user has to pay the attacker with a ransom to unlock the system and to get the files decrypted.
For detailed information regarding this threat, please read the following Advisory from McAfee
• All Microsoft Operating Systems
• Large and medium government entities: High
• Small government entities: High
• Large and medium business entities: High
• Small business entities: High
• Home users: High
This bulletin is intended to provide a summary of current intelligence and best practices to ensure the highest level of protection. AIS offers a full range of strategic and technical consulting services that can further help to ensure you identify security risk and build effective solutions to remediate security vulnerabilities.
We recommend the following actions be taken:
・ If you do not have Managed Anti-Virus/Anti-Malware protection it is recommended that you Contact AIS.
・ Instruct users to not open unknown or unsolicited attachments.
・ Ensure Microsoft Office Security policies for macros are set to High or Very High
・ Ensure there are no allow list policies that exempt .doc/.docx attachments from spam/AV scanning
・ Do not visit untrusted websites or follow links provided by unknown or untrusted sources.
・ Do not open email attachments from unknown or untrusted sources.
NOTE: AIS Managed Services clients with Managed Anti-Virus/Anti-Malware do not need to take any action as this issue has already been remediated. For more information on AIS Managed Services, please contact AIS or call toll-free: (844) AIS-LABS (247-5227)