The new malware, named RAA, has been disguised as a document and immediately begins encrypting files when opened. The new approach sees victims sent emails that if opened on a Windows machine, use the system’s script host to run its code – something that is expected to trick many people into allowing the malware to infect their computer.
More traditional malware comes in executable programs such as an .exe or .bat file, which would automatically be screened and then blocked by the operating system. The new malware, though, goes undetected, with Windows allowing .js files to run on their systems – potentially opening up millions of people and businesses to the risk of being hacked.
Measures to take
The most obvious method to protect yourself from attack is by taking the security measures available, utilising technologies such as anti-virus, web filtering and firewalls. Most ransomware is delivered via email, typically delivered via email opportunistically and the typical overall themes are shipping notices from delivery companies. The best way to avoid this type of malware is by not opening any unknown attachments from emails, particularly those with a .js extension.
Your company should also have a secure back-up policy, although in order for a back-up to properly work, it needs to be “serialised”, with older versions of files available in case newer versions have been corrupted or encrypted. It’s also sensible to back-up your data in an offline environment, with most ransomware attempting to attack the network and connected devices. The final piece of advice to protect against malware is to restrict your employees’ privileges online, making it easier to monitor user activity.
To make sure your business is safe from cyber criminals and malware, call our team on 01462 417070, or email email@example.com