Locky - Encrypted Data

Be cautious of emails containing invoices!

A new variant of ransomware has recently been spotted in the wild.

Dubbed “Locky”, the new ransomware is very similar in function to its predecessors, CryptoWall and TeslaCrypt. Locky encrypts files on the infected computer, preventing users from accessing documents, photos, music, and most of everything else that you care about.

The encryption is unbreakable without the decryption key, which the Locky ransomware tells you how to purchase.

How to avoid the Locky infection

Locky is currently known to spread via email. The email will contain a Microsoft Word document, disguised as an invoice or some other seemingly important document. What the Word document actually contains is a malicious macro, which will automatically download the Locky ransomware if enabled.

The two best ways to avoid the effects of Locky:

  • Back up your files regularly to an off-site location. The only way Locky can’t access your files is if they’re backed up on a device that is not connected to your computer or network.
  • Do not open any email attachments from a source you don’t recognize.

If you open many emails, attachments, and/or invoices daily, a good way to protect yourself is to disable macros in Microsoft programs. Currently, the Locky ransomware cannot be downloaded if the malicious macro is not enabled.

Disable macros in Microsoft Office programs

Macros are disabled by default in Microsoft programs, but it’s a good idea to double-check just in case.

Disabling macros does not necessarily protect you from all types of infection or ransomware.

Disabling macros is different depending on your version of the Microsoft product, so head over to the Microsoft Office support website for more details (or, better yet, Google “disable macros Microsoft [product] [version]”).

If you’re on a newer version of Office, the process will look something like this:

  1. Open the Office program (in the case of Locky, you’ll definitely want to check Word)
  2. Click “File”
  3. Click “Options”
  4. Click “Trust Center”
  5. Click “Trust Center Settings”
  6. Click “Disable all macros with notification” or “Disable all macros without notification”

Disabling notifications as well means that Office won’t even tell you if a macro is present in the document and will not prompt you with options to enable it or ignore it. If you’re 100% sure you’ll never have to deal with macros, you can choose this option. Otherwise, notifications are a good thing.

Depending on your system administrator’s settings, you may not be able to change these settings. If one of the options above isn’t selected and you can’t change it, let your admin know.

Be cautious and, more than likely, you’ll be alright

Locky and other ransomware programs are among the most sinister and debilitating in circulation. However, they often rely on common user mistakes to gain access to your system.

If you have any doubt about an email, an attachment, a file, a link, or a website, the best thing to do is to avoid it. Be particularly cautious when it comes to email attachments, and be 100% sure you trust the source before opening anything.

As long as you exercise caution (and keep your programs, Office, OS, and browsers updated), you can avoid most dangers. So, keep your eyes peeled!

West County can help

If you’re looking for help with IT security or data backup services, West County can help!

We’ve been in the IT business for decades and can help your business stay up to date, backed up, and as secure as possible.

Give us a call at (707) 579-2089 or fill out the form below to get in touch. We look forward to working with you.

Contact Us

Contact us by filling out the form below.

"*" indicates required fields