This weekend the largest ever ransomware attack in the world has been hitting computer systems of private and public organisations in hundreds of countries, NZTech chief executive Graeme Muller says. Dubbed "WannaCry", the malware spreads via phishing emails where a message that appears to come from someone people know encourages them to open an attachment or click on a link, only to deposit a small piece of malicious code on your system. The bug looks for machines running unpatched versions of Microsoft Windows and then spreads across your network infecting other machines as it goes.
“Called a ransomware as it locks people out of their files and demands a ransom before they can access them again. While the ransom is relatively small at around $NZ430 per computer, the criminals who are collecting the ransom will be making millions having successfully taken down large organisations such as the NHS (UK’s National Health Service), Telefonica and FedEx as well as thousands of smaller businesses.
“As a result, the recently launched New Zealand Computer Emergency Response Team (CERT) is getting its first real test this weekend and have provided excellent advice for Kiwis.
“First, don’t open suspicious emails or emails from unknown people. Secondly, ensure that you keep your computer updates up to date. In this case ensure the Microsoft patch (MS17-010) released in March has been installed by running an update. Finally, you can also reduce the risk by blocking international emails for a few days until the wave passes.
“If you do get attacked the only option you have is to pay the ransom or throw away your computer. If you get attacked disconnect from any network you are on to prevent it attacking someone else. If you are running a computer with Microsoft XP or 2003 operating systems turn it off now as there are no patches available for these older systems.
Security company Symantec says a number of organisations globally have been affected, the majority of which are in Europe. While this malware slowed down during the weekend, a new variant seems to be already out there.
The company explains why this specific malware is replicating it so fast. "WannaCry" has the ability to spread itself within corporate networks, without user interaction, by exploiting a known vulnerability in Microsoft Windows. Computers which do not have the latest Windows security updates applied are at risk of infection.
Ways to keep yourself safe include keeping your security software up to date to protect your computer and mobile devices as well as keepinh your operating system and other software updated. Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers.
Email is one of the main infection methods. Be wary of unexpected emails especially if they contain links and/or attachments.
Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.
