Miscellaneous Question

Has anyone battled the cryptowall virus?

09/17/2015 1147 views

It hit our network and spread to mapped drives. Decrypt files show up on several excel; word; and pdf files.

The machines hit were running Intune Endpoint Protection but we are phasing that out and currently installing Symantec Endpoint Protection in its place.

I'm wondering if the IPS component of SEP would help stop this type of attack? I've read mixed reviews on this component.

0 Comments   [ + ] Show comments


All Answers


Maybe a little late to answer the question, my apologies I just registered one a couple of days ago.

We had also to deal with the same incident and unfortunately we had to use backups to recover lost files.

But, did you give a try to AppLocker?

Once I will have implemented it I can provide you with some feedback.

According to what I read on Internet, some configured file screening on file their servers to prevent cryptolocker. I did not try it though.

Answered 08/23/2016 by: Yoplay
White Belt

We had a similar incident and Microsoft Endpoint didn't protect us. Fortunately we were able to recover the network files from backups, but files on desktops were lost. We now backup more desktops but not everyone has that system installed.
Answered 09/18/2015 by: chucksteel
Red Belt

We've been hit by this several times and have also relied on backups to recover data. Microsoft Forefront did not protect us. We are working on phasing that out, but you may want to look into a good Anti-Exploit program if SEP does not protect against it. These seem to be where all of the crypto stuff is coming from.
Answered 09/21/2015 by: ethomson
White Belt

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ