See this shit? See that banner at the top where Word is inviting you to enable macros but warning of viruses?
Surprise! Shit’s A VIRUS and it will get to work immediately encrypting every file it can get access to, local and network – it’s the Locky ransomware.
The email attack vector is not unique to Locky; it goes all the way back to the 1990s with various random worms and was also a common distribution vector for Cryptolocker. It’s also commonly used in “spear phishing” attacks wherein a particular person or group within an organization is manually targeted using social engineering to trick them into executing malware.
We’ve been hit over and over with it at work. Good backups save our data each time, but dear Eris this is a colossal pain in the ass.
That being said, I’m glad my department runs cables, tames evil robot cameras that are trying to gain sentience, fixes air conditioning towers*, yells about stupid $12,000 derp boards, and makes coffee for the directorial staff.
* actually this should be facility maintenance, but I was the first one to diagnose and fix the problem. If anyone had their doubts about the weird looking new guy in engineering, they’re crumbling quickly…