A new version of the CryptoMix ransomware malware is causing mayhem to businesses around the world – as one of our clients has found to their cost. We recently received a stressed phone call from the client after they discovered that a large proportion of their files had disappeared. Upon investigating, we found that the missing files had in fact been encrypted with a .empty file extension, a recognised ‘calling card’ of the infamous CryptoMix ransomware.


Laurence Childs, Director of Jalapeno Business Services, explains: ‘Our client had an IT set-up where all the users were local PC administrators, so each PC was operated with the highest privileges. Additionally, there was no central control over updates and other essential processes. CryptoMix had been sitting quietly in the background on one of these PCs for several weeks, where it had uninstalled the antivirus software – leaving the machine unprotected.


Worse was to come when we looked at the server. The client had a backup system in place, which should carry out automatic backups in real time. However, we found that no backups had taken place for around 6 to 8 weeks…and the system was only programmed to retain data for 30 days. The result? The server data was wiped out by CryptoMix and the client lost 85 to 95% of their data, with no chance of recovery.


Adds Laurence: ‘The real tragedy here is that the client thought they were protected against an incident like this, on several levels. Firstly, they had antivirus in place, which they thought was fully functional. Secondly, they had a backup system, which they assumed was working perfectly. And thirdly, they were under the impression that their business insurance covered them for the cost of both losing and recovering their critical data.


Let’s take each of these elements in turn and explain what went wrong. Yes, the client had commercial-grade antivirus installed on their individual PCs but, as noted above, CryptoMix had uninstalled it. With no central control from the server – and because the client wasn’t monitoring their antivirus software and its status – this went undetected.


Admittedly, the situation could have been even worse if the client had been relying on free antivirus software, as many businesses do. Any company doing this is not only putting themselves further at risk from cyber crime but is also violating the terms of the licence agreement, as free antivirus products are only licensed for use in a domestic environment.


Moving on to the backup, again this is sadly down to the client not keeping on top of what was going on. The system they used didn’t communicate with them, for example, by sending regular emails to confirm the backups were successful or flag up any issues. As with the antivirus, the software also fell short of meeting their needs which, when combined with a lack of monitoring, led to disaster.


Finally, there’s the insurance issue. In recent years, the number of claims for loss and recovery of data has soared due to the proliferation of viruses, malware and other cyber threats. Because of this, many insurers now only offer this type of cover as an added extra, not as a standard element of a business policy. In our client’s case, their terms and conditions had been changed a while ago, and their insurer had let them know by email – but the communication was unfortunately missed or overlooked.


Despite all these issues, our client has thankfully been able to carry on trading,’ says Laurence. ‘But things could have been very different – in fact, they were saved by having a CRM database that CryptoMix was unable to encrypt. The moral of the story is twofold: firstly, put robust cyber protection and backup systems in place that are adequate for the type and needs of your business. And secondly, monitor them frequently and keep them up to date, so they remain effective and you stay protected.
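The backup failure described above (no successful backup for 6 to 8 weeks against a 30-day retention window, and nothing alerting anyone) is the kind of gap a simple freshness check would have surfaced. The following is an added example, not code from Jalapeno or from any backup product; it parses a constructed job log (format invented for the example) and assumes, as in the case above, that the retention policy purges copies older than the retention period regardless of whether a newer backup exists.

```python
from datetime import datetime, timedelta

# Constructed sample backup-job log: "<ISO timestamp> <job> <status> <detail>".
# The dates are invented to mirror the incident: the file server's last good
# run is weeks old, the CRM database is current, the mail store never succeeded.
SAMPLE_LOG = """\
2019-03-01T02:00:00 fileserver SUCCESS 412GB
2019-03-02T02:00:00 fileserver SUCCESS 413GB
2019-03-03T02:00:00 fileserver FAILED agent-not-responding
2019-04-21T02:00:00 fileserver FAILED agent-not-responding
2019-04-22T02:00:00 crmdb SUCCESS 9GB
2019-04-22T02:05:00 mailstore FAILED destination-unreachable
"""


def parse_jobs(log_text):
    """Return {job: datetime of most recent SUCCESS, or None if it never succeeded}."""
    jobs = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue  # skip blank or malformed lines rather than crash the monitor
        ts, job, status = parts[0], parts[1], parts[2]
        jobs.setdefault(job, None)
        if status == "SUCCESS":
            when = datetime.fromisoformat(ts)
            if jobs[job] is None or when > jobs[job]:
                jobs[job] = when
    return jobs


def assess(log_text, now_iso, retention_days=30, alert_after_days=2):
    """Classify each job as OK, STALE (no recent success), UNRECOVERABLE
    (gap longer than the retention window, so the last good copy has aged
    out) or NEVER_SUCCEEDED. Any state other than OK should page someone."""
    now = datetime.fromisoformat(now_iso)
    results = {}
    for job, last_ok in parse_jobs(log_text).items():
        if last_ok is None:
            results[job] = "NEVER_SUCCEEDED"
        elif now - last_ok > timedelta(days=retention_days):
            results[job] = "UNRECOVERABLE"
        elif now - last_ok > timedelta(days=alert_after_days):
            results[job] = "STALE"
        else:
            results[job] = "OK"
    return results


if __name__ == "__main__":
    for job, state in sorted(assess(SAMPLE_LOG, "2019-04-22T09:00:00").items()):
        print(f"{job:12s} {state}")
```

Run daily from a scheduler and route anything other than OK to a mailbox or ticket queue that a person actually reads; the check is only useful if its output is monitored.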


