Expert warns that the new strain is undetectable by anti-virus and aims to extort money
Dubai, UAE - A Trojan named "Locky" is currently paralysing computers of enterprises and private individuals with the aim to extort ransom money. RadarServices, a leading managed security service provider warns that the new malicious virus is currently affecting Europe and the USA and the Middle East enterprise sector may be susceptible target.
This Windows-Trojan is mainly distributed via email attachments and web-downloads. The emails are disguised as invoices or messages and contain infected office documents. When opened, this malware does not only encrypt computer but also infects networks and cloud-storages such as dropbox. In many cases, the Trojan integrates the infected computer in a botnet, thereby gaining remote control and the ability to spread the virus further in the network. As a result, companies are suffering from failures and enormous damages. As soon as the files are encrypted the blackmail appears on the screen with a ransom demand.
Aji Joseph, General Manager of RadarServices Middle East explains, "Threats especially on businesses are forever evolving and becoming more and more sophisticated. This current malware cannot be detected by antivirus programs, as the infected email attachment is very professionally designed with an aim to extort money. Companies here should adopt a more proactive approach towards security than just implementing antivirus and firewalls to protect their infrastructure."
According to RadarServices labs - in case of such attacks the corporate IT infrastructure is only secure if two IT risk management modules are applied: "Advanced Email & Web Threat Detection", the automated analysis of attachments of all incoming E-Mails in "isolated" environments (so-called "sandboxes") and "Network-Based Intrusion Detection" (NIDS), the detection of suspicious network activities, in case Locky is already active in the company but not yet noticed by the user. In the latter case NIDS detects the network traffic between the Command & Control Sever of the Trojans in the Internet and reports it to the IT security team to initiate immediate measures.
-End-
About RadarServices
RadarServices is the European market leader for pro-active IT security monitoring and IT risk detection as managed services. The services uniquely combine automated detection of security relevant issues and risks with the analysis and assessment done by experts. Data never leaves the clients' premises. There is no need for training, configuration or maintenance and no requirement for additional capital expenditures or headcount.
RadarServices is headquartered in Austria and operates in the United Arab Emirates, Germany, Poland and Russia. Customers include banks, insurances, industrial companies, operators of critical infrastructure and governmental institutions worldwide.
Media Contact:
Sunita Cordeiro
+97156 7408851
sunita@sfactorme.com
Sharon Fernandes
+97150 191 6232
sharon@sfactorme.com
© Press Release 2016
