Major Ransomware Attack Underway, according to Security Experts

If you received a suspicious-looking email this weekend and aren’t sure about the attachment, it might be wise to send it straight to the trash. According to IT security experts Barracuda Networks, there is currently a widespread ransomware attack in progress that could be set to disrupt healthcare and other industries. The extent of the attack is not yet known, but in the past few weeks, researchers at Barracuda Networks have detected around 20 millions attempted attacks.

This latest attack comes just months after the dust from the WannaCry ransomware attack has settled. This latest attack uses impersonation to gain the trust of the recipient and infect individual computers and networks. The attack starts with an email from a spoofed address landing in your inbox. The attachment name is variable but will be included in the subject line. According to the example provided, the subject line is a variation of the following: “Payment_201708-6165” with variable numbers at the end.

The attachment is a Javascript file in a 7-Zip archive folder, and it should be picked up by up-to-date anti-virus software, but unfortunately, many people will circumnavigate these protections, turn them off, or fail to update them. Once the user downloads the file and unzips it, the user will be presented with a document demanding payment for a decryption key. You can read more about the ransomware attack in this blog post.

What should I do if my computer is infected with ransomware?

If you see a screen demanding money or BitCoin in exchange for the decryption key, it’s important not to bow to demands or hand over any money. For starters, there’s no guarantee that you will actually receive the code to unlock your files. It also makes you an easy target for future attacks as hackers will know that you are willing to part with money to get your computer back in working order. During a company-wide attack, it can be tempting to hand over the money just to return to normal, but this is unwise.

Often, if you have a sufficient backup plan in place, then a ransomware attack can easily be resolved by reverting to a previous backup. Prevention is often the best way to keep the hackers at bay, so regularly reviewing your IT security plan and ensuring you regularly back up systems and files is essential. If you aren’t sure what to do in the event of an IT security breach, get in touch to speak to our team about our IT security solutions.