IT Technology Services New Orleans

Category

Microsoft

Cryptolocker Ransomware: What You Need To Know

By | IT Blog, Microsoft, news, Security | No Comments

Antivirus companies have discovered new ransomware known as Cryptolocker.

This ransomware is particularly nasty because infected users are in danger of losing their files forever.

cryptolocker

Spread through email attachments, this ransomware has been seen targeting companies through phishing attacks.

Cryptolocker will encrypt users’ files using asymmetric encryption, which requires both a public and private key.

The public key is used to encrypt and verify data, while private key is used for decryption, each the inverse of the other.

Below is an image from Microsoft depicting the process of asymmetric encryption.

assemcrypto

The bad news is decryption is impossible unless a user has the private key stored on the cybercriminals’ server.

Currently, infected users are instructed to pay $300 USD to receive this private key.

Infected users also have a time limit to send the payment. If this time elapses, the private key is destroyed, and your files may be lost forever.

Files targeted are those commonly found on most PCs today; a list of file extensions for targeted files include:
3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx

In some cases, it may be possible to recover previous versions of the encrypted files using System Restore or other recovery software used to obtain “shadow copies” of files. The folks at BleepingComputer have some additional insight on this found here.

Removal:

Although CryptoLocker itself is readily removed, files remain encrypted in a way which researchers have considered infeasible to break.   Payment often, but not always, has been followed by files being decrypted.

Prevention:

New Orleans Technology Services has already installed a plug-in on each user workstation that will help prevent Crypto Locker from accessing user files once downloaded but we cannot guarantee the virus will not be successful.

The biggest defense may also be the easiest to apply.  If you get an email from somebody you do not know, especially if it’s got attachments, don’t open anything with it, just delete the email.  If you don’t know who is sending that email or if the subject is foreign to you, simply click delete.
Additionally, Google Mail, Google Apps for Business and Microsoft Hosted Exchange Services are currently blocking emails that contains the virus.  Unfortunately free services like Yahoo, AOL, and other free email hosting services included with Wed Site hosting like JustHost, BlueHost and HostGator are not.    If your organization uses or allows access to email not blocking the virus, you should consider this virus to be extremely high risk.

Google Earth 7: More 3D Imagery

By | Apple, Apps, Droid, Google, iPhone, IT Blog, Microsoft, news | No Comments
Google has updated the desktop version of Google Earth with 3D imagery that was previously only available to mobile users of the mapping program. A new tour guide feature—also included in the Google Earth update—allows you to fly over given areas where Google has prepared guided tours.

Google Earth 7 now has 3D imagery of Boulder, Boston, Charlotte, Denver, Lawrence, Long Beach, Los Angeles, Portland, San Antonio, San Diego, Santa Cruz, Seattle, Tampa, Tucson, Rome and the San Francisco Bay Area (including the Peninsula and East Bay). The application also provides 3D coverage of metropolitan regions in Avignon, France; Austin, Texas; Munich, Germany; Phoenix, Arizona; and Mannheim, Germany.

These are the same areas with 3D imagery on Google Earth for iOS and Android. “The experience of flying through these areas and seeing the buildings, terrain and even the trees rendered in 3D is now consistent across both mobile and desktop devices,” Peter Birch, Google Earth Product Manager, wrote in a Wednesday blog post. When zooming in, the viewing angle in the desktop version of Google Earth now tilts at a higher elevation in order to showcase 3D imagery.

The other new feature in Google Earth 7 is tour guide. Instead of searching for tours, thumbnails highlighting pre-created tours for any area you’re viewing in Google Earth appear at the bottom of the screen. When you go on a tour, you get a flyover of historical and cultural sites nearby, whether it’s Rome, the Great Wall of China, or Stonehenge. There are more than 11,000 of such guided tours, including for all the cities with 3D imagery. Guided tours also include factoid popovers pulled from Wikipedia.

Google Earth 7 is a free download for both Windows and Mac users.