His advice for defending against this type of threat:
1. Never to take shortcuts such as mapping drives to critical servers from any admin workstation. Use a tool to make remote connections when they are needed.
2. Don't just make backups but test the restore function too.
3. Consider investing in whitelisting to lock down the software that can run.
4. Enrol staff in a security-awareness programme that includes training to defend against phishing attacks. This is obviously KnowBe4's marketing message in publicising the incident but it is probably reasonable advice. Many employees have never heard of ransomware.
5. Assume something like CryptoWall will happen eventually and develop a security culture to cope.
"CryptoWall is in full swing," said Sjouwerman, matter-of-factly.
With good timing, Dell SecureWorks this week reported that CryptoWall infections have carried on rising through September and October despite greater awareness, reaching 830,000 worldwide, including 40,000 in the UK.
Sign up for CIO Asia eNewsletters.