Aggressive Locky Ransomware Threat on the Rise

Subscribe to Our Blog

Topics: Cybersecurity

Just under two years ago, the world was introduced to a new form of ransomware called “Locky”—aptly named for its use of the extension .locky on the files of an infected computer. Since then, the cyber scam, along with countless other strains of ransomware, has infected hundreds of millions of computers and netted over a billion dollars in payments.

However, after a steep drop in Locky attacks in December of 2016, Locky is back, and even stronger than ever.

According to TechRepublic, there were over 20 million Locky attacks on Monday, September 18, and the number has continued to grow rapidly throughout the week. These attacks are sent via email and they all include a malicious attachment.

Experts at Barracuda Networks report that, so far, these emails have been disguised as…

  • An Herbalife-branded email
  • A generic copier file delivery email
  • A voicemail service email
  • An Amazon Marketplace email

(see here for examples of the aforementioned emails)

Reduce your ransomware risk

First, discuss this information with your colleagues—use it as a reminder to practice safe internet practices, as outlined by the National Cyber Security Alliance. Furthermore, be sure to stay vigilant about the following…

  • Email attachments. When you receive an unexpected email with an attachment, verify with the sender before opening it. Also, if an attachment requests to enable macros, do not comply—this is how the virus enters your computer.
  • Logging out. Once you’re finished working, log out of your network and computer—don’t leave the doors unlocked.
  • Software and hardware updates. It’s a standard best practice to run regular updates and patches to help keep your computer efficient and more secure. If you have an IT provider, they should be doing this for you as a proactive service. You shouldn’t have to ask.
  • Email security and protection. With ransomware like Locky, email is the most common form of attack. So, it’s a good idea to have a layer of protection in place to help filter out potential attacks before they reach your inbox.
  • Data backups. Regular backups provide insurance for your organization in the event of a ransomware attack. If your organization is infected, you should be able to quickly restore the data from a backup and avoid paying the ransom altogether.

What you can do to stay cyber aware

When it comes to cybersecurity, end users are often your biggest threat. Stay educated on best practices. Reach out to local security experts, and attend cybersecurity events in your area.

If you’re looking for a place to start, sign up today for MainSpring’s Technology Bootcamp: Safeguarding the Business lunch & learn on Thursday, October 5 from 11 a.m. to 1 p.m. Hear the latest tips from our cyber gurus, network with cyber professionals in the Frederick area and have lunch on us.

Registration is free, and the event is part of the Frederick County Chamber’s Entrepreneur Council Brown Bag Lunch & Learn series. Be sure to sign up today, as spots are limited!

Sign up today. Spots are limited »