The corporate world was shaken by a massive ransomware attack on Friday. The ransomware used in this attack wreaked havoc on organizations including FedEx and Telefónica, as well as the UK’s National Health Service (NHS), where operations were cancelled, X-rays, test results and patient records became unavailable, and phones did not work.
“We have sen ransomware attacks against the NHS in the past, including Barts Health Trust in January. However, this looks to be more serious and is potentially targeting core systems used by multiple hospitals. Unfortunately, the ransomware ‘business model’ is very profitable for cyber criminals and we have seen multiple reports of organisations paying out in the past,” said Rick Holland, Vice President, Strategy, Digital Shadows.
“Keeping up-to-date with ransomware is not easy; there are many variants. Many do get shut down and their encryption cracked, only for another version to spring up – therefore it’s a constant game of constant cat and mouse. Those within the NHS will now be looking to contain the threat. We can only hope that adequate back up measures have been put in place so that vital data can be restored and systems cleaned. Most ransomware locks data rather than steals it – if that is the case here then the threat can be somewhat contained,” added Holland.
What you should know about ransomware
The #aeCERT team in the Telecommunications Regulatory Authority (TRA), UAE, said that so far they have not received any information regarding e-government services cases that are affected by the virus.
TRA called on the system administrators to increase the degree of readiness and continuous monitoring of the systems and to inform the authority in case their devices have been exposed to the virus.
The authority called on users not to open links and files that they may receive from unknown sources, trying to deceive them to download it and then penetrate their devices.
What is the this virus?
It is a malicious program that affects smart phones and computers, encrypts and locks their data so that it cannot be accessed until payment is made.
How can the virus penetrate your system?
The victim receives a message or link from an anonymous person, the content of the link is a file containing malicious software. The sender tempts the victim to download the file by deceiving him that the message contains important or personal files.
The user uploads the file to his or her smartphone. Thereafter the virus encrypts important data in the device or encrypts the entire device, so that the user cannot access his data.
The offender asks the victim for money / a ‘ransom’ in exchange for the decoding of the data and returning it to its nature.
How do you reduce your risk of exposure to this virus?
Make sure to back up your device data constantly, to recover it if you are infected with the virus. Avoid opening links from unknown sources, and do not upload files sent by anonymous people via e-mail.
Use anti-virus software and make sure it’s original, and update it constantly. Update the operating system of your phone and PC continuously, and be sure to update the software in it. Avoid access to suspicious sites and be sure to download software and applications from their official sources and avoid pirated programs.
What to do if your computer gets infected with the virus
Avoid obeying them. If you pay the required amount, they will continue to extort and ask for more money. If the affected device is affiliated to your organization, inform the IT department directly.
If the affected device is your personal computer, take it to the authorized dealer. Stop operations on the device or network directly and restore the backup.