Locky Ransomware is Still Lurking

You may have recently heard about a sudden decrease in the volume of Locky Ransomware attacks, but let this be your warning: do NOT let your guard down. Based on analysis of past Locky Ransomware activity, experts at the Avast Threat Labs are predicting that another attack is imminent.

Let’s take a quick step back, for those who are fortunate enough to have never experienced such a security breach and/or have never heard of this specific threat. Locky Ransomware is frequently attributed to Russian hackers and what happens when you are infected is that your files are scrambled and the bad actors demand a ransom payment (yes, we’re talking cold hard cash here) to unscramble your files and release them back to you. As you can imagine, if you don’t have a well implemented backup strategy, this can leave you at the mercy of the hackers, as the cost of losing critical business information is often greater than the monetary demands being made to restore your files.

Needless to say, the best strategy when it comes to ransomware is to avoid falling victim in the first place. Here are a few key steps everyone should be taking to avoid a ransomware infection, and in the event you do get hacked, ensuring you can restore your own data without having to pay a ransom.

  1. Never open attachments from unknown or suspicious senders.
  2. Never open suspicious looking attachments from known senders (your contact could have gotten hacked and their malware may be trying to attack you next).
  3. Turn off macros as part of your default settings – you can always go in and allow a specific macro to run, if you are sure the file is safe and from a verified sender. This will help ensure that you never accidentally run a macro associated with a suspicious, unknown or unexpected attachment to an email.
  4. Have a backup plan that keeps recent versions of important files and data in a secure location (and separate from the original files).
  5. Maintain your network and individual computer security systems to ensure all patches are installed and all programs are up to date.

The bottom line is Locky Ransomware is here to stay, and the only way to avoid infection is to remain vigilant, even during seemingly quiet times. We wouldn’t bet that the bad actors had a sudden change of heart and are no longer perpetrating these cybercrimes – instead, our money is on the likely reality that they’re just refining their approach before launching the next round of attacks. Are you ready?