-hackers demand payment to restore data The Guyana National Computer Incident Response Team (GNCIRT) is putting local businesses and organsations on alert to the threat of individuals who are causing damage to computer data and demanding payment for that data to be restored.The warning comes in the wake of a recent incident in which computer data from one prominent Government agency was infected by ransomware.“The Guyana National Computer Incident Response Team (GNCIRT) had one recent report of ransomware that infected several computers at a prominent Government agency in Guyana and caused irreparable damage to important data files and inconvenience to users,” the GNCIRT release stated.“Given the global trend, GNCIRT has reason to believe that Guyanese users,Brad Richards Red Wings Jersey, especially organisations and businesses processing financial transactions via email, are at high risk.”“Ransomware is a type of malicious software that encrypts your data files and demands payment in return for the key to decrypt your files. A successful ransomware attack will encrypt your data files and make them unavailable to you.“When an individual or member of staff tries to access the data files,Deion Jones Falcons Jersey, they are pointed to a ransom note with directions on how to make a payment in order to regain access to the data files.”“GNCIRT advises that a payment should never be made as there is no guarantee that the attackers will provide the decryption key. Instead, all precautions should be taken to prevent a successful attack.The release stated that the current trend is for the malware to be propagated via spam email with malicious attachments. The subject of the emails relate to alleged ‘Invoices’,Fernando Rodney Jersey, ‘Payments’, ‘Payment Notices’ or ‘Wire Transfers’ and typically have a ‘Reference# or Invoice#’ followed by random numbers to appear legitimate.The emails have an accompanying malicious attachment which is typically a zip file and include the reference number and words such as ‘invoice’ or ‘info’ or ‘note’. The use of these keywords suggests that the attackers are targeting businesses and organizations involved in processing financial transactions.Examples of email headers are: “GNCIRT advises that all staff accessing emails on their desktops or on their mobile phones be made aware of this threat. They should be alerted not to click on any suspicious emails or download any suspicious attachments. While the immediate threat is against Microsoft Windows desktop users, mobile phone users are also at risk for ransomware.Persons who are using a personal computer at home are advised to delete any suspicious e-mails and to be on the alert for future threats.Persons using an organization’s e-mail service are advised to immediately report these spam mail to their System and Network Administrator or any such person(s) who may be administering the network and email services.GNCIRT advised that the following preventative measures be taken:Make regular backup of your data files to limit the loss of data. Daily backups of critical files should be done by the System Administrator.Backups should be securely stored away from the computer systems. Flash drives and back up drives should not be left connected to computer systems.Alert all staff to exercise caution when opening emails. One careless act can expose an entire network to serious loss of data.Pay special attention to emails from unknown email addresses, emails with attachments and emails appearing to suggest payments, receipts and invoices.Observe emails that appear to come from known associates with minor variations to their names and email addresses.Also be aware of attachments with file extensions that do not match the respective document types eg. Executable files (.exe, .js, .bat, etc) masquerading as office documents (.docx,China Jerseys Cheap, .xlsx,NFL Jerseys China Online, .odt, .pptx, etc).Use an antivirus software to scan for malware. There should be online protection as well as scheduled boot scans. It is important that the antivirus software be kept up-to-date to ensure that new strains of the viruses are detected.Do not use pirated software, as most pirated software contain malware.Plug all vulnerabilities by installing all approved patches (updates) for your operating system and application software.If infected,NFL Jerseys Cheap, GNCIRT recommends the following steps be taken to mitigate the impacto not pay any ransom demand.Disconnect the impacted system/s from the network immediately and quarantine same in a secured location.Halt usage of impacted system/s to minimize loss of data.Attempt to identify which variant of ransomware you are infected with.Notify the Guyana National Computer Incident Response TeamPlease refer to www.cirt.gy for more details.Reference: GNCIRT ALERT #2015-2The release stated that regionally, Paraguay has recently experienced a ransomware campaign against its citizens.“GNCIRT asks that this advisory be taken seriously, as failing to do so may make you or your organization the next victim of ransomware. |