Gerry Morley - Cyber Security & Disaster Recovery Consultant No Comments

Ransomware virus DynA-Crypt causes a full blown data breach as it not only encrypts your data, but then steals and uploads it online.

DynA-Crypt Ransomware

What this means?

The EU mandated GDPR (General Data Protection Regulation) which comes into force on 25th May 2018 will penalise companies not prepared for such data breaches resulting in large fines (approx. 4% of turnover or up to 20 Million Euro whichever is greater). To reduce the chances of being fined to the full extent of this new law – companies will need to begin to work on putting in place the necessary data protection processes and procedures to be able detect when a breach happens/happened, identify what if any personally identifiable data was stolen and have a breach response plan that will ensure the breach is properly handled and reported to the Data Protection Commissioner within 72 hours of detecting the breach.Should a breach occur the Data Protection Commissioner will then undertake an audit to see if each business has proactively undertaken steps to become compliant with the regulation prior to the breach. That is – has the business created an inventory of all personally identifiable data that lies with their servers/desktops/databases/applications/networks and have they put processes in place to maintain, manage, monitor and secure access to such data in compliance with the regulation (including ensuring that third parties/cloud services that host or process the data are also compliant with the GDPR guidelines).

Failure to have processes in place to protect and maintain personally identifiable data will increase the chances of being penalised to the full extent the regulation allows.

 

Malware Creation Kit makes it easy for wanna be cyber criminals to mimic DynA-Crypt 

Per the BleepingComputer article which announced the new strain – the virus was created by an online malware creation kit that that allows any would be cyber criminal to create their own malware. This means its easy for someone who has no idea what they are doing to create a similar working malware variant.

 

DynA-Crypt Steals a serious amount of data and then deletes your data

DynA-Crypt will take screenshots of your active desktop, record system sounds from your computer, log commands you type on the keyboard, and steal data from numerous installed programs. To make matters worse after it steals your data, for no apparent reason it also deletes many of the folders that it stole from. What’s even worse is the malware deletes everything on the desktop.

 

The Ransomware Portion can be decrypted

The good news is that the files that this ransomware encrypts can easily be decrypted. If you are infected with this program do not pay the ransom.

If you need help with decyrpting files encrypted by this ransomware , you can leave a comment on the Bleeping Computer article and a decryption program will be provided.

 

How to Protect Against Ransomware

While no one measure will 100% prevent you being a victim of ransomware – there are a number of measures that can be undertaken to drastically reduce your chances of being a victim. The most effective approach is having a layered evolving cyber security framework that continuously monitors the latest threats and puts in corresponding preventative measures. Two of the most important being;

(i) a cyber security awareness training and testing process for staff to keep them aware of the latest threats and

(ii) a robust set of endpoint protection measures (next generation Antivirus software, web security measures, software restriction policies etc).

Don’t forget to have a robust, tried and tested backup and disaster recovery process that ensures all your data is backed up (offsite & off network) as many of these new viruses will attempt to delete your backups stored on other network connected devices or connected USB drives etc.

More Information

For more information on the DynA-Crypt ransomware virus, visit the original source for this article at Bleeping Computer.

For more information on GDPR and what it means for businesses, visit the Data Protection website