Ransomware Continues to Spread as the Locky Campaign Expands

The UK and other European countries appear to be the current focus of the Locky campaign, which we first reported on back in March of this year. As the campaign continues to gain momentum it has become the most common malware detected in the United Kingdom, according to a top IT security software firm, accounting for just over half of all malicious email attachments. As we mentioned in the original article, Locky got its name from the fact that it encrypts, or locks, files on victims’ computers before demanding a ransom for the key to unlock them.

Commercial Targets

While it is bad enough for anybody to have their personal files encrypted by ransomware, large corporations may be particularly vulnerable considering the nature of the files that employees often store on their desktop computers. Faced with the possibility of losing corporate data on a scale that was scarcely imagined before, many companies may be tempted to pay the ransom immediately and hope for a swift resolution. However, some of the perpetrators are reported to have become greedier as the ransomware has proliferated and the practice of demanding a second, or even a third, ransom is becoming increasingly common. Anti spam enterprise software that stops the messages with the malicious attachments from reaching their intended targets in the first place is a far more reliable solution.

Preventative Measures

With Luxembourg, the Czech Republic and Austria suffering even higher percentages of Locky attachments detected than the United Kingdom, and reports of attacks coming in from Asia and the USA as well, the best time to take preventative action is right now. There is no point in delaying, especially as attackers have begun to experiment with new ways of getting past existing security systems in recent weeks. An effective corporate anti-spam filter is a must for any company that wishes to protect itself from ransomware attacks and given the low cost of such solutions, it would be madness not to invest in one.

Government and Health Organisations Not Immune

While the obvious targets would seem to be global companies with plenty of cash to burn, local governments and hospitals have been among those affected by the Locky campaign in the last few months. The main government admin centre in Mumbai, India, which is responsible for the whole state of Maharashtra, reported that over 150 of its computers had been infected by the ransomware. Fortunately, they were able to isolate these machines and stop the attack from spreading to the rest of their PCs, of which there are more than 5,000. A hospital in Hollywood, Los Angeles, paid a $12,000 ransom when affected by Locky, and Methodist Hospital in Kentucky also had a problem with the ransomware.

These types of attacks can normally be prevented with the implementation of an effective anti spam gateway such as we provide. If you would like to protect yourself from future ransomware attacks, feel free to get in touch with us to discuss your options in detail.