Posts

Security Alert: New Malware Wipes Hard Drives to Prevent Detection

As first published on ZDNet's Zero Day blog, Cisco Systems' Talos Group has identified a new strain of malware that will render systems useless to avoid detection and analysis.

Named Rombertik, the spyware indiscriminately collects data on everything a victim does online, rather than focusing on specific areas such as online banking or social media.

Most concerning, however, are Rombertik's built-in defenses. If the virus detects that it is being analyzed, it will attempt to overwrite the Master Boot Record, rendering the PC inoperable. If that fails, the virus will destroy all files in a user's home folder by encrypting each file with random keys.

In short, once infected, it is nearly impossible to remove without rendering your PC useless.

As Rombertik infection rates are still low, the best protection is good security practices:

  • Make sure your anti-virus software is up to date and switch to (or add) a cloud-based AV solution with continuous updates.
  • Do not click on attachments from unknown senders.
  • Block email attachments that include executable scripts or code.

While these steps are helpful, a defense-in-depth approach is best at identifying and preventing malware, particularly for viruses that are designed to evade detection.


If you would like to verify the robustness of your anti-virus protection, we can add a cloud-based layer of protection at no cost for a month and help you analyze your results. Contact us for additional information.

Click these links to learn more about our Webroot solutions and additional data protection and security solutions.


 

5 Reasons a Crypto Virus May Ruin Your Week

Most businesses run some form of malware protection on their servers, desktops, and laptops. And yet, crypto viruses like CryptoWall and CryptoLocker still hit these “protected” networks.

Here are 5 reasons your virus protection may fail when it comes to crypto viruses:

1) Limited Virus Profiles

Most anti-virus systems run locally on each device. They compare file changes with patterns related to known viruses as a means of identifying malware. The pattern, or definition, database, however, is typically only a few GB in size. With this limitation, it is impossible to detect the many variant forms of viruses.

2) Periodic Virus Updates

Most locally installed anti-virus systems update periodically by connecting to a local distribution server or the anti-virus software vendor’s servers. Because updates are not real-time, there can be a gap of hours or even days during which your system is unable to detect new viruses or variants.

3) Behavior Analysis

Chances are good that your anti-virus software has some intelligence or heuristics that identify behaviors as likely malware. Chances are equally good that this analysis is triggered by file actions. Few anti-virus solutions monitor systems for virus-like behavior (such as an application rapidly opening and closing files) that is not triggered by user action.
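The kind of behavior monitoring described in reason 3 can be sketched as a sliding-window check over file-activity telemetry. This is an added example, not code from any anti-virus product; the event format, the `user_initiated` flag, the process names, and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10      # assumed sliding-window length
MAX_DISTINCT_FILES = 5   # assumed threshold; tune per environment

# Constructed sample events: (time_s, process, operation, path, user_initiated).
# The user_initiated flag is assumed to be supplied by the telemetry source.
SAMPLE_EVENTS = (
    # A single save made by the user.
    [(1.0, "winword.exe", "write", "C:/Users/a/report.docx", True)]
    # A user-driven bulk copy: fast, but tied to user action.
    + [(1.0 + 0.2 * i, "explorer.exe", "write", f"E:/copy/img{i}.jpg", True)
       for i in range(10)]
    # Hypothetical process rewriting many files quickly with no user action.
    + [(2.0 + 0.5 * i, "svc_update.exe", "write", f"C:/Users/a/doc{i}.txt", False)
       for i in range(8)]
    # Slow background job: many files overall, but never many per window.
    + [(5.0 * i, "backup.exe", "write", f"D:/backup/part{i}.bak", False)
       for i in range(8)]
)


def find_bursts(events, window=WINDOW_SECONDS, limit=MAX_DISTINCT_FILES):
    """Return {process: first_alert_time} for processes that write to more
    than `limit` distinct files within `window` seconds without user action."""
    recent = defaultdict(deque)  # process -> deque of (time, path) in window
    alerts = {}
    for t, proc, op, path, user_initiated in sorted(events):
        if op != "write" or user_initiated:
            continue  # only unattended modifications count toward a burst
        q = recent[proc]
        q.append((t, path))
        while q and t - q[0][0] > window:
            q.popleft()  # drop events that fell out of the window
        if proc not in alerts and len({p for _, p in q}) > limit:
            alerts[proc] = t  # record the first time the threshold is crossed
    return alerts


if __name__ == "__main__":
    print(find_bursts(SAMPLE_EVENTS))
```

Only the unattended burst is flagged; the user-driven copy and the slow backup job stay below the threshold.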

4) Quarantine instead of Rollback

Most anti-virus solutions quarantine files that have known viruses or are likely to be infected. With crypto viruses, however, quarantining the file with the virus does nothing to protect or recover the files that have already been encrypted.

5) Device-Specific

Most anti-virus solutions focus on PC and Mac platforms. But what happens when a virus is saved on a mobile device syncing with your server?

Fortunately, you do have options. Cloud-based anti-virus solutions can overcome all five of these limitations. We offer a cloud-based solution that:

  • Has a virus definition database over 2 TB (2,000 GB) in size
  • Updates instantly and continuously when devices are connected to the Internet
  • Analyzes behavior of the system and processes, not just those triggered by human action
  • Will roll back suspicious activity, undoing damage before it can spread
  • Has available protection across Mac, PC, Android, and iOS platforms from a single web-based console.

Here’s your Challenge

As a cloud-based solution with a minimal local footprint, we can install our service without interfering with your current anti-virus software.

Let us install a 30-day free, no-obligation trial and see for yourself if your current anti-virus solution is giving you the protection you want or need.

To learn more about your options, or to request a trial, contact us today.