Computer malware damage important govt data; Guyanese warned
- Written by Demerara Waves
- Comments::2 Comments
The Guyana National Computer Incident Response Team (GNCIRT) wishes to alert the general public of the sudden surge in ransomware attacks being experienced globally.
Security researchers are reporting that ransomware attacks have increased nine-fold in a two-week period. Regionally, Paraguay has recently experienced a ransomware campaign against its citizens. GNCIRT has had one recent report of ransomware that infected several computers at a prominent government agency in Guyana and caused irreparable damage to important data files and inconvenience to users. Given the global trend, GNCIRT has reason to believe that Guyanese users, especially organisations and businesses processing financial transactions via email, are at high risk.
Ransomware is a type of malicious software that encrypts your data files and demands payment in return for the key to decrypt your files. A successful ransomware attack will encrypt your data files and make them unavailable to you. When an individual or member of staff tries to access the data files, they are pointed to a ransom note with directions on how to make a payment in order to regain access to the data files. GNCIRT advises that a payment should never be made as there is no guarantee that the attackers will provide the decryption key. Instead, all precautions should be taken to prevent a successful attack.
The current trend is for the malware to be propagated via spam email with malicious attachments. The subject of the emails relate to alleged 'Invoices', 'Payments', 'Payment Notices' or 'Wire Transfers' and typically have a 'Reference# or Invoice#' followed by random numbers to appear legitimate. The emails have an accompanying malicious attachment which is typically a zip file and include the reference number and words such as 'invoice' or 'info' or 'note'. The use of these keywords suggest that the attackers are targeting businesses and organizations involved in processing financial transactions.
Security researchers are reporting that ransomware attacks have increased nine-fold in a two-week period. Regionally, Paraguay has recently experienced a ransomware campaign against its citizens. GNCIRT has had one recent report of ransomware that infected several computers at a prominent government agency in Guyana and caused irreparable damage to important data files and inconvenience to users. Given the global trend, GNCIRT has reason to believe that Guyanese users, especially organisations and businesses processing financial transactions via email, are at high risk.
Ransomware is a type of malicious software that encrypts your data files and demands payment in return for the key to decrypt your files. A successful ransomware attack will encrypt your data files and make them unavailable to you. When an individual or member of staff tries to access the data files, they are pointed to a ransom note with directions on how to make a payment in order to regain access to the data files. GNCIRT advises that a payment should never be made as there is no guarantee that the attackers will provide the decryption key. Instead, all precautions should be taken to prevent a successful attack.
The current trend is for the malware to be propagated via spam email with malicious attachments. The subject of the emails relate to alleged 'Invoices', 'Payments', 'Payment Notices' or 'Wire Transfers' and typically have a 'Reference# or Invoice#' followed by random numbers to appear legitimate. The emails have an accompanying malicious attachment which is typically a zip file and include the reference number and words such as 'invoice' or 'info' or 'note'. The use of these keywords suggest that the attackers are targeting businesses and organizations involved in processing financial transactions.