Computer Virus Spreading That Means You Never Get To See Your Files Again

This article is more than 10 years old.

Imagine this. You are browsing the Internet and all of a sudden your browser crashes and a message appears telling you your files are encrypted and if you don't hand over money you are never getting access to your data again - corporate accounts, irreplaceable pictures of your child, you name it. Gone. The majority of trojans over the last few years have had a laser focus on stealing data and money from your computer without you realising. However, there are trojans out there that have surprising and nasty behaviours, like encrypting your files with a password you don't have and demanding money to unlock them. This kind of malware is not new, but over the past 18 months it has become significantly more prevalent, and the malware authors have written significantly more clever and scary versions.

This kind of malware is now all over the web and your chances of running into it and being exploited are uncomfortably high. Some of the more widespread examples, such as CryptoLocker, even include a countdown timer which claims that if you don't pay them $300 in 72 hours they will delete the key file so that your data is lost forever. Malware like this is growing more scary day by day, with the ability not only to encrypt all your data but also to spread over the network and hit other systems. If your business is like most enterprises, once you are on the inside most users have access to a large volume of data (even if they don't administer systems). They can probably access far more than they need to for their role, given the maturity of information management in most businesses. Therefore, a user who is infected with the malware could lock you out of your entire enterprise - permanently.

What is particularly scary about this kind of malicious code is that if it gets in, security tools can of course clean it up, but the data remains encrypted and inaccessible. Unfortunately, whilst many businesses have decent security controls, they often aren't prepared for when it inevitably goes wrong. If you get hit with such malware you either negotiate with the cyber criminals and hope they give you access to your data (some are remarkably honest, but I would strongly recommend against this) or you rely on your backup procedures. In my years of IT so far, visiting thousands of businesses, I have found very few which were truly confident in their backup strategy. Be aware and go ask your IT manager about how prepared you are for such malicious code. Ensure you have up-to-date security tools to detect and prevent such threats where possible and, where not, ensure you have a business continuity plan and backup strategy.

If you want to learn more about this type of malware you can check out the write-up by Naked Security [Disclosure: I work for Sophos] or check with your security vendor for more information. They have also published a nice video of the malware in action if you want to see what it looks like safely (after all, running it on your own computer would be a really bad idea!). Malware that you can't recover from should make everyone take note and ask the question before it is too late. Don't be a victim.