After the massive cyber-attack which affected NHS trusts due to some security patch updates which were not deployed on their systems, also the use of over 90% outdated Windows XP Operating Systems which have reached end-of-life and no longer receive security updates and support since April, 2014. We have compiled the following information below to ensure you are aware of the trends and approach of the attacks.
Based on the ongoing trend of malwares and ransomware attacks which has been growing for the past two years, we would like to inform you that our team do their very best in monitoring and protecting the network and server infrastructures. We also look out for new updates and security patches which help in reducing the level of vulnerability.
To further enlighten you about ransomwares and ways to prevent such attacks, we have highlighted a couple of information for you below.
What are RANSOMWARES?
From the name RANSOM software, it is used to hold personal or official data by locking or encrypting them and making you pay a ransom in order to have access to the original data. In a more technical term, it is a high-end malicious software which encrypts and blocks its victim from accessing their data.
There are two major types of ransomware currently trending;
• Lockers lock the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer. Examples include the police-themed ransomware or Winlocker. Some locker versions infect the Master Boot Record (MBR). The MBR is the section of a computer’s hard disk which enables the operating system to boot up after shutting down. When MBR ransomware strikes, the boot process can’t complete as usual and prompts a ransom note to be displayed on the screen. Some examples include Satana and Petya variants.
• Encryptors are designed with advanced encryption algorithms. They are designed to block system files and demand payment to provide the victim with the key that can decrypt the blocked content. Examples include WannaCry, CrytpoWall, CryptoLocker, Locky, Zepto and more.
The first point of breach can occur by an uninformed user who innocently opens an unsolicited or malicious mail attachment or web link. We have also highlighted some tips to easily prevent such breach from occurring;
• Disabling inactive user mailboxes who are no longer in the firm automatically reduces the level of vulnerability. Always inform the technical team to take necessary actions as soon as possible.
• Confirm the sender email address: when you receive a mail and aren’t sure if its genuine, even when the sender name looks valid, always check the sender address to be certain it’s the valid email address.
• Do NOT open suspicious mail attachments or web link without clarifying its genuineness by contacting the sender or the technical team. Attackers try to make mail messages look very simple and unharmful, thereby triggering you to proceed to open the attachments or web links in the message.
• All systems with XP Operating System needs to be immediately upgraded to newer Operating System versions (Windows 7 or Windows 10).
If by any chance you feel you have been a victim of such, do contact the technical team for quick support to prevent a spread on the enterprise network.