Virus Victims: Cryptolocker Ransomware

What is a Cryptolocker Ransomware Virus?

A virus attack took place on Friday 14th May, and it was a Cryptolocker virus. A Cryptolocker virus is a Trojan horse, which misleads users by disguising its true intent. This Trojan horse infects your computer and encrypts your files so that they are locked. There are only two keys: a public key, which the hackers use to encrypt your data, and a private key. The private key is used to decrypt the files, and it is the key held to ransom: the victim is told they must pay a certain amount to get the private key and restore their data, otherwise the hackers will destroy the victim's data.

Common Methods of Infection

Traditionally, the most common method is downloading email attachments that are disguised as a familiar file type such as *.doc but have a hidden *.exe extension. Once the attachment has been downloaded, it opens and activates the virus, but your machine will appear to run normally until all files have been encrypted. Another way is through download prompts on websites for plug-ins, which operate in the same way. The Trojan horse cannot replicate itself, which is why the methods mentioned are all downloads.
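The disguised-attachment trick described above can be caught by inspecting the attachment filename before it reaches the user. The following is an added example, not code from this article: the extension lists, the function name and the sample filenames are assumptions chosen for illustration, and it also covers two related disguises (whitespace padding and bidirectional-override characters) beyond the plain *.doc.exe case.

```python
import unicodedata

# Illustrative, non-exhaustive lists (assumptions for this example).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "hta", "lnk", "msi"}
DECOY_EXTS = {"doc", "docx", "xls", "xlsx", "pdf", "txt", "rtf", "jpg", "png", "zip"}
# Bidirectional control characters that can visually reorder a filename.
BIDI_CONTROLS = set("\u202a\u202b\u202d\u202e\u2066\u2067\u2068\u2069")

def check_attachment(filename):
    """Return the reasons a filename looks like a disguised executable ([] = none)."""
    reasons = []
    if any(ch in BIDI_CONTROLS for ch in filename):
        reasons.append("bidi-control")
    # Drop invisible format characters so they cannot hide the real extension.
    cleaned = "".join(ch for ch in filename if unicodedata.category(ch) != "Cf")
    # Windows ignores trailing dots and spaces when resolving the file type.
    cleaned = cleaned.rstrip(" .")
    parts = [p.strip().lower() for p in cleaned.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return reasons
    reasons.append("executable-extension")
    # "invoice.doc.exe": shown as "invoice.doc" when known extensions are hidden.
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        reasons.append("double-extension")
    # A long run of spaces pushes the real extension out of the visible column.
    if "   " in cleaned:
        reasons.append("whitespace-padding")
    return reasons

# Constructed sample filenames, not taken from any real incident.
SAMPLES = [
    "report.docx",
    "invoice.doc.exe",
    "invoice.pdf" + " " * 40 + ".exe",
    "invoice\u202excod.exe",   # renders with a reversed tail that looks like ".docx"
    "notes.v2.txt",
]

def scan(filenames):
    """Map each suspicious filename to its findings; clean names are omitted."""
    return {name: r for name in filenames if (r := check_attachment(name))}

if __name__ == "__main__":
    for name, findings in scan(SAMPLES).items():
        print(repr(name), "->", ", ".join(findings))
```

A mail gateway or endpoint script could quarantine any attachment for which the function returns a non-empty list; showing file extensions in Windows Explorer removes the plain double-extension disguise for the user as well.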

 

Who Were Affected?

As reported in the news, the ransomware attack has hit many different companies, including the Irish NHS. We were hit with the same virus on May 14th. The virus targeted our Exchange servers, but thanks to our practices in place for passwords and internet shutdowns, only a small number of servers were hit. We quickly rolled back to snapshots of the affected servers, so only a very small number of emails were lost on the Friday night. After an extensive check of all our servers in our VM environment, no other servers were corrupted, and all systems were operational by midnight on Friday 14th May. However, companies such as Pipeline in the USA and the Irish NHS are still without services.

Given the frequency of virus attacks lately, we are offering a free cyber security check to ensure your network is safe and secure. Click here to find out more.

Department for Education: Malware Misfortune

Recently there has been news circulating that a few of the Department for Education (DfE) laptops that are being distributed to disadvantaged children to help with schooling have had a virus on them. The government scheme enabled disadvantaged children to access lessons from the comfort of their own home during school closures across the country. Over 1.2 million devices have currently been distributed, with the Department for Education on track to meet its target of 1.3 million. The virus is called Gamarue.I and is a worm that was previously identified by Microsoft in 2012. Gamarue is a malware botnet in which infected devices communicate with Gamarue servers to carry out click-bait fraud and steal confidential information such as credit card details. The virus was found to be contacting a server in Russia whilst active in a Bradford school.

What Do We Think?

We believe that because the DfE laptops were refurbished, there was a higher chance any malware could have been present, but it unfortunately turned out to be Gamarue. However, you would think that wiping the data from the devices before delivery would be a standard procedure since they are for disadvantaged children. We at Advanced IT Services thankfully haven’t encountered any laptops with the virus, especially since it only affected a small number of laptops. Nevertheless, it is still invasive, infectious and one of the most severe malware strains still around today. One common way Gamarue penetrates your machine is through spam emails with attachments, and it makes changes to browser settings, adds toolbars and even downloads files directly onto your machine’s registry. The best way, in our opinion, to get rid of such viruses is to completely wipe the devices or use well-known anti-virus software such as Malwarebytes. However, Cyber Security is now a key part of any organisation and we can make the process of implementing it easier than ever before; find out how here.

Due to the sheer volume of devices and the lack of time and preparation, it is understandable that things may have been missed; everything, in retrospect, is obvious. However, it feels like the government is just throwing money at the Education sector and expecting everything to cope, which is not the case. Every school and educational setting is different, and the guidance given reflects that, which is why it is so vague: the head of each educational setting should then determine how the advice can be applied to them. On the other hand, it has been an extremely difficult time for everyone, but it has definitely changed a lot of perspectives on many different ideas such as working and education.

Epidemic Employment: Is This The Future?

COVID-19 has been one of the largest outbreaks the world has seen since the Spanish Flu. With each country determining the best plan of action, many changes have been made, especially regarding employment. Panic spread across the nation, with uncertainty at an all-time high, and a large number of people found themselves unemployed.
However, restrictions and guidelines were put into place, thereby transitioning countries like the UK towards complete remote working wherever applicable. It’s been clear that there is a split between the people who are happy with it and those who are not.

Given the significance of COVID-19, all sectors have been affected, but some more than others. An example would be education, with schools being forced to close to the majority; it changed the lives of every parent, teacher and child per school. However, in IT, a lot of work can be carried out remotely, such as technical support.
IT, as a whole, is a diverse market and is constantly evolving, but this pandemic has given a push to companies to commence remote working schemes and rotas because there was no other choice given the scale, severity and magnitude of COVID-19, especially being as contagious as it was and currently is. This is supported by the emergence of cloud networking, which has now become a massive part of both private and public sector business. Cloud networking, which we provide and you can find out more here, is essentially a secure way to store all of your data whilst being very cost effective and easily accessible. With this, it is now easier to work from anywhere, meaning that people are no longer tied to their specific office building to work.

As reported by the Office for National Statistics, 46.6% of people in employment did some work at home and 86% of those did so due to the pandemic. It has opened a lot of eyes on how employment and work locations operated before COVID-19.
This may be a permanent way of working in future, with jobs such as developers being able to work from home, which greatly benefits companies due to the potential of saving thousands in overheads for maintaining a company building. This, as we have said before, can benefit all parties involved, but other industries like construction and building will not have this option because their work cannot function as such.

How Has The Pandemic Affected AIT?


Advanced IT Services is a prime example of a company that has coped very well during these pandemic times, as have other IT companies, because there has been an increase in demand for IT equipment and support with reduced supply, given the fact that countries like the UK have urged people to stay and work at home. However, this actually negatively impacted consumers because the movement of goods was limited across the globe, meaning that suppliers incurred higher costs, leading to higher consumer pricing, and the consumer pricing has soared massively. This, along with the increased unemployment, made it difficult for the everyday person to purchase some of the equipment needed to work from home, thus their employers had to pay out to facilitate remote working.


Advanced IT Services do support schools as well as companies, and support was needed more than ever because thousands of staff had to use devices at home even if they had never done so before. Zoom and Teams came to fruition during the COVID-19 period, and Advanced IT Services, like many other IT support businesses, helped set up, deploy and educate their clients on operation. AIT have still been operating as normal, with the exception of visiting sites that we manage, due to the restrictions. Remote working, for a lot of people, has been a new venture because it has not been performed at such a scale before this.