What is Locky, and what does it do?
Locky is the latest addition to the ransomware library. It is usually downloaded through an email attachment as a word document which, when opened, looks like it is still encrypted. It then informs you to 'Turn on macros' to view the document without encryption. This is a ruse, so do not enable macros!
The macros in this document are nasty little blighters, and turning them on sets off a chain reaction which spreads through your PC, network, and anything else that's connected through your machine - including the Cloud.
Locky encrypts all your files, photographs, and programs, and then sends you a bill for the amount it will cost to unlock them in the form of a slightly sarcastic message. Those behind Locky usually want paying in BitCoin, and seem to be asking for anywhere between £140 to £280. However, criminals have demanded larger amounts than this.
Can I just pay up?
Technically, yes. You can buy the BitCoin and send over the funds and hope the cybercriminals are true to their word. But there is absolutely nothing stopping them from demanding more money, or not providing the decryption key and just disappearing with your funds.
It's a fairly risky move when you consider that you could have handed them the contents of your computer and a big cheque. There's also no guarantee that your computer will be clean of viruses or malicious software afterwards.
How can I prevent this from happening?
Phishing emails are still a huge cause of these infections. You should never click any attachments from an email when you don't know and trust the sender. Check out our guide to spotting them here.
Good quality anti-virus software is essential, as is a strong web and email filter. These need to be updated regularly, so that your systems are always protected against the latest forms of ransomware.
The most important precaution you can take is to always back up your systems, so that if you are infected you can always go back to the last restore point. Without a backup, there is no way for anyone other than the criminals to decrypt your files.
I've been infected, what should I do?
We do not advise you to pay the ransom as there is no guarantee that you will receive the decryption key. Please feel free to give us a call on 0191 482 0444 to discuss how we might be able to help.