January 8 2014

It has been over 90 days since we first caught wind that a really bad virus was hitting the network. The first day we didn’t want to believe it was true. It turned out to be one of the worst viruses in ten years according to McAfee, and it began to spread across North America very quickly. We heard from associates in New York, Missouri and elsewhere that there were infections in their regions. In our unscientific opinion, the first 10 days were the worst, as it seemed no antivirus product, gateway antivirus tool or firewall was blocking this malware.
We heard the rumours it was really bad, and then sure enough legitimate websites began to document that entire folders or hard drives on networks were being encrypted. Once encrypted, no one was able to restore the data except via a backup restore or paying the ransom to the malware seller. Officially tagged CryptoLocker, the malware affected a number of networks and consumers through what seemed to be email attachments coming into customers’ email.
PCIT admittedly took a very heavy-handed approach. For 90 days we blocked .zip files from coming into any of our customers’ networks. A few of our customers who were engineers, planners or construction company supervisors wanted to know what in the world we were doing, but fortunately our site contacts backed us up and we slowly began to allow exclusions for senders who were trusted.
At the end of 90 days not one of our customers was affected by this virus. As the President I breathe a sigh of relief.
Over the last quarter of 2013 we did have a large increase in viruses that affected our customers. The frequency and the severity of the infection increased to the point where in some cases we almost could not solve the problem via a remote connection. Almost all of these infections were in environments where there was no Fortinet Universal Threat Management solution guarding the perimeter of the network.
With security threats getting stronger and more frequent, we will continue to use layers of protection to guard customers’ networks. It is also worth training users that opening attachments or approving installations from websites are great areas of vulnerability. With these two approaches most security breaches can be avoided.

Written by Darren Boyer

Darren Boyer is the founder and president of pcit.

  • Austin Williamson said, on January 8th, 2014 at 11:57.

    An ounce of prevention is worth a pound of cure, or in this case, going into high-security saved us hours of time.

    The other thing that helped was the constant flurries of workstation upgrades. With the majority of computers we protect on a modern Windows version, we didn’t have to worry about vulnerabilities (XP is notoriously easy to break).

    Let’s hear it for the visionaries!

    Rest assured, we aren’t waiting around for the next big virus attack. We’re proactively applying multiple lines of defence, starting with Fortinets.

    If you don’t have a Fortinet onsite – well, why not?