By Drew Smith
A new, much more dangerous computer virus has revealed itself in the last few months. The virus is named Emotet, and it puts everything we know about anti-virus software in the grave as it continuously finds ways around the typical protections businesses have in place.
The virus itself is a trojan. Much like the mythological horse, it is embedded by hackers in innocent-looking documents such as Word documents, Excel spreadsheets and PDFs. Then, using phishing tactics, a hacker dupes someone into opening the infected file. Once the file is opened, the virus hides in the processes of your computer and spreads itself to other devices throughout your network. This ends up being a big problem, one that is often not discovered until the virus is so widespread that it starts affecting network performance.
What makes this even more dangerous is that it is polymorphic. This means that it changes its own code as it spreads itself. This is why typical anti-virus solutions cannot stop it from operating and spreading. When the virus is identified on one computer and that computer is cleaned, the computer can be re-infected by other computers in the system that are still running undetected, changed versions of the same virus.
This also makes it especially dangerous given its primary target: banking and other system credentials. The virus also sends a signal out to its operators, which allows them either to use the credentials to get into your system or to remotely send other types of malware onto the system, such as back doors, ransomware and more. This is where the damage happens. With the constant signals, it mimics a distributed denial-of-service (DDoS) attack, slowing or even freezing the networks it infects. At one company, the virus infected all of the officers' computers. In addition, it infected the majority of the company's network, essentially grinding the company to a halt as they worked to purge the virus.
According to Chris Dilenno, Founding Partner of Mullen Coughlin LLC, a law firm devoted to cyber liability, “We are seeing two or more companies reporting these infections every week. Internal IT staff, and even the top anti-virus companies in the world, can think they have it beat, but in fact, we see them miss it completely. This virus is no joke.”
The best solution Dilenno offers at the moment is to put in sophisticated endpoint protection software. It doesn’t stop the initial infection, but it is the best way to detect the virus as it operates, shut it down quickly and stop it from spreading. As with so many risks posed by business email, training employees to be wary of unknown emails, attachments or suspicious links, and to report unusual computer behavior quickly, is the best and first line of defense.