Call: 806-350-8324

Locky Ransomware + Healthcare

Tue, 08/23/2016 - 12:19 -- Rachel Cunningham

The month of August has seen a very large increase of locky ransomware which is worrying business professionals specifically in the United States.  ‘Locky’ is the form of ransomeware that locks up and scrambles your important files and renames them with the extension .locky. The ransomeware has affected various industries, with the healthcare industry being hit the hardest.

Different from a JavaScript based dowloader, the new locky ransomware was being delivered to emails via DOCM format attachments.With the advancement of anti virus software and the ability to prevent certain strains of ransomeware, it’s no surprise this rise in locky ransomware has occurred.

With this style of attack, each email campaign has a specific “one-off” campaign code used to download the ransomware from a malicious server, and the malicious URL embedded with macro code is encoded using the same encoding function but with a different key for each campaign. The healthcare industry is an easier target due to the multitude of information being sent back and forth and the number of computers and equipment connected to the server.

A few tips on how to avoid this form of ransomware:
+ Never open any attachment if you don’t know the sender or it is unsolicited.
+ Always keep your antivirus & firewalls up to date.
+ Back up your computer regularly and consider keeping a copy off site.
+ Don’t enable macros in document attachments received via email.
+ Patch your computer early and often to avoid hacker loopholes.
+ Consider downloading a preview program for attachments so you don’t accidentally open a malicious document. 


Call Today: