
Has anyone battled the CryptoWall virus?

It hit our network and spread to mapped drives. Decrypt files show up on several Excel, Word, and PDF files.


The machines hit were running Intune Endpoint Protection but we are phasing that out and currently installing Symantec Endpoint Protection in its place.


I'm wondering if the IPS component of SEP would help stop this type of attack? I've read mixed reviews on this component.



Answers (3)

Posted by: Yoplay 7 years ago
White Belt
0

Maybe a little late to answer the question; my apologies, I just registered a couple of days ago.

We also had to deal with the same incident, and unfortunately we had to use backups to recover lost files.

But did you give AppLocker a try?

Once I have implemented it, I can provide you with some feedback.

According to what I read on the Internet, some configured file screening on their file servers to prevent CryptoLocker. I did not try it, though.

Posted by: chucksteel 8 years ago
Red Belt
0

We had a similar incident and Microsoft Endpoint didn't protect us. Fortunately we were able to recover the network files from backups, but files on desktops were lost. We now back up more desktops, but not everyone has that system installed.

Posted by: ethomson 8 years ago
White Belt
0

We've been hit by this several times and have also relied on backups to recover data. Microsoft Forefront did not protect us. We are working on phasing that out, but you may want to look into a good Anti-Exploit program if SEP does not protect against it. These seem to be where all of the crypto stuff is coming from.
 