Be Aware – New Ransomware Attacks

ransomware-2321110_1920.jpg

A global Ransomware attack is underway, using the same exploit as the previously known “Wannacry” ransomware attack of last month we reported on. Many British and European companies have been affected, with claims of entire networks being down. It is confirmed that a Ukrainian state power company, as well as Kiev’s main airport were the first to report this new cyber attack, with reports that Kiev metro system has completely stopped accepting card payments.

 

According to BBC, the Chernobyl nuclear power plant is currently monitoring radiation levels manually, as the automated sensors are Windows-based and shut down.

 

This type of malware works differently than traditional ransomware attacks, as it does not encrypt all files on a system, but rather attacks the way in which your computer finds a specific file, meaning the user is unable to open any file, as the system cannot “find” it.  The code behind this attack was reported to be on sale for as little as $28 USD on forums recently, which, given that the current exchange rate for bitcoin is 1 coin = $3031 CAD, it makes sense why this is such a prevalent and lucrative business.

 

The way in which this ransomware is being deployed is through email attachments disguised at legitimate attachments (ie. Invoice.xlsx).

 

Always implement the following steps in your email workflow:

 

  1. Check the subject line – does it seem out of character or unusual, especially if the sender is known to you?
  2. Double-check not only the name of the sender, but the email address it was sent from. Though the email might be sent by Jane Doe, who you know well, the email might be coming from a spoofed email address which will be apparent upon looking at the email address.
  3. If there is any attachment (with particular attention being focused on macro enabled Office docs and PDF docs), be incredibly wary before opening. If you are in any doubt whatsoever, contact the sender directly by phone to verify it was attached and sent to you, or reach out to your IT Service Provider to scan the attachment.
  4. Rather than follow any link or button to log in to your account (ie. PayPal, Banking, etc.), go to the business directly from the URL bar in your internet browser (ie. Type in www.paypal.com , rather than clicking on a link)

 

As always, Cyber Security involves having a sound anti-virus software, spam filtering service and firewall, but it starts and ends with you – user education is key. For a free Cyber Security presentation by our team of specialists here at Frontier Solutions, feel free to reach out to us at info@frontiersolutions.ca or, alternatively, call us at 403-251-4402.

Shaun Rowsell