Submit a Payment  Client Login Contact Us (888) 229-9993

Warning! New IT Security Threat – Cryptorbit, a New Virus

Posted by Jesus McDonald on Fri, Feb 28, 2014 @ 08:05 AM

Do not risk exposing your company’s confidential data to security threats!

blog_2.28-securityinternet There are many articles written about IT security threats. We often choose to believe it will not happen to our business, until something catastrophic does occur, and then it can be too late! The risk of losing confidential data should be a strong enough incentive, but understandably we often trust the systems that are in place, and we assume our data is protected.

Security software is designed to detect security threats, but this particular threat is so new that it is often going undetected. Damage can be limited if an attack is suspected, or detected early and the malware is removed. The good news is that software is now available to block the Cryptorbit payload from launching.

Cryptorbit targets computers running Microsoft Windows. It first surfaced on February 13th 2014. This heinous ransomware trojan comes from various innocuous sources. Generally from a legitimate looking email attachment which, when activated, will encrypt certain types of files stored on local and mounted network drives. Since the virus is so new, very little is known about how to fix it.

Then the ransom begins! The malware will display a message offering to decrypt the data if payment is made by a certain deadline. This should be bad enough, but there is more! - If the payment deadline is not met, the ‘private key’ will be deleted and your data will remain encrypted. Of course, there is then an option presented to pay even more money or Bitcoin to release the data.

As I write, those who choose to use their abilities for good rather than evil (make no mistake, this cyber ransom IS evil) are working to unlock the code. To date, however, some files remain encrypted with no answer other than paying the ransom (which, incidentally, does not always work).

I am unfortunately writing this blog as a victim. I made the assumption that I had all the correct procedures in place, so here are a few tips, from the obvious to the more obscure

  • Beware of all email attachments, not just those from an unknown sender
  • Block emails from unknown senders if you are unable to verify a connection
  • Links can often look legitimate; err on the side of caution when clicking on a legitimate looking link
  • Train all employees to beware of anything that could possibly be suspect, and to check for verification before opening anything unusual
  • Remember legitimate banks, invoice factoring companies, or other financial institutions do not contact their customers by email to update accounts
  • Perform regular scans for new viruses

I have learned a valuable lesson today. I will never again make the assumption that my data is safe. Consider your options for disaster recovery and backup, don’t wait until it is too late. Bear in mind that a corporate security breach can cost millions of dollars. Don’t let this happen to your company, or your reputation!

Guest blogger Abbe Lyle is a writer and Creative Director at Catalyst Marketing Group

Topics: About Invoice Factoring

Subscribe by Email

Posts by Topic

see all

Share