June 2016 Ransomware Attacks against MS Office 365 Users

Posted by on Jul 4, 2016 | 0 comments

This June saw the first ever large scale ransomware attack against users of MS Office 365.  A ransomware attack is where the bad guys gain access to your computer, then use that access to encrypt your business data and program files.  They then charge you money to buy a decryption key.  Your files will be permanently locked away if you don’t pay within a specified period of time.  And the cost goes up each day until you pay, or until their “offer” expires!

Fortunately Enclave customers were not hit, and Microsoft moved very quickly to shut down the threat, but it’s more important than ever to follow recommended computing practices.  I’ll list the main ones below.

#1  Beware of unsolicited emails!  An email must be suspect if it comes from an unknown source.  Last week I received an unsolicited email from someone I didn’t know.  The email had an attachment that was supposed to be an MS Word document detailing a completed online financial transaction.  No such transaction or sender was expected.  I deleted the entire email without opening it.  I think that email was part of last week’s attack.

#2  Beware of emails with attachments!  Even if you regularly email back and forth with someone, treat email attachments with suspicion.  Many times hacked email accounts will start sending bogus emails with malicious attachments and web links without the account owner’s knowledge.  It’s best save attachments to a temporary folder, then scan them with your antivirus – BEFORE you open the attachments!

#3  Never give your everyday computer account administrator rights on your local computer.  Malware will run using the same user rights you use on your computer.  It will have complete access to your computer if you have admin rights.  Running without admin rights limits the damage malware can do.

#4  Never use the same password for different accounts.  Recent massive hacks of major services have been the result of users re-using passwords on multiple sites.  The problem with this is if the bad guys hack one site, they will then use that same password to try to access your other accounts.  It’s especially important not to use the same password on banking or other financial sites.

#5  Apply updates to Windows and other software in a timely manner.  Bad guys often take advantage of Windows or other software flaws that have already been patched.  This is my job; part of the service I provide my customers.  But it’s a great idea to keep your home computers up to date as well.

#6  Ensure there are regular full system backups.  This will be a real life saver should the worst happen and the bad guys delete or encrypt your critical business files.  Offsite backups are best.  This means the backups are not connected to your computers and the bad guys have no access to them.  Again, this is my job, part of the service I provide my customers.

#7  Always run the best antivirus/security software you can afford.  At the moment, that is WebRoot SecureAnywhere Business Endpoint Protection.  My clients who are not already running WebRoot will be switched over during the following days this week.  This is a service I provide my customers, but it would be a great idea to buy a WebRoot subscription for your home computers as well.  We cannot count the number of times major businesses were hacked because the home computers of employees were hacked first.  Microsoft continues to be hit with this one time and time again.  I can provide you with a WebRoot subscription for your home computers.  The cost is $3 per month per computer.  You can buy it here: https://www.enclave365.net/store/webroot-secureanywhere-business-endpoint/

To recap: Be suspicious of emails, don’t give your everyday computer account admin rights, keep your software up to date, create regular full system backups, use the best antivirus/security software you can find.

I would be glad to go over these ideas in more detail.  Please use the info below to contact me for further information.

Dennis Strain
Enclave Managed Networks
Box 365, Smithers, BC, Canada V0J 2N0

1-877-877-8793 toll-free phone & fax

Leave a Reply