Surety IT warns on vicious new ransomware

COMPUTER and internet security specialists Surety IT are warning of sophisticated new ransomware coming through internet channels that have caught many companies out – and cost them a lot of money in make-goods.

Ransomware is a type of malware that blocks access to computer files and forces the user to pay a ransom in order to release them, according to Surety IT technology director Geoff Stewart. 

Mr Stewart said the FBI is investigating a particularly nasty version of ransomware known as Samas that attempts to encrypt files on computers across an entire network, rather than just individual computers.

“As reported by Reuters, the FBI has warned businesses that the group behind Samas was utilising an automatic tool to find servers using an out of date version of popular software,” Mr Stewart said.

“They would then take advantage of a weakness in the software to install the ransomware remotely on computers connected to the network. The ransomware is also thought to delete backup files.

“Computer users are advised not to click on links or open attachments in uninvited or unexpected emails and be wary about the websites they visit as security researchers identify hazardous new versions of ransomware,” Mr Stewart said.

“They should keep regular backups of important files and store the backups in a location away from a network.”

Mr Stewart said he had also come across an attack system recently known as Petya. It is an email with a link to an infected file claiming to be a resume.

“Once downloaded and implemented, the malware crashes Windows and overwrites systems on the computer,” Mr Stewart said. “A payment is demanded upon reboot.  The ransom amount is doubled if the user does not pay by the deadline set by the criminals.

“If your computer has been infected by ransomware, you should update your system and restore the affected files from backup.  I would suggest seeking technical advice if you are unsure about the next steps.

“I don’t recommend paying any ransom demanded to decrypt files. There is no guarantee the attackers will give you a working decryption tool, and you are also not protected against future attacks.”

Mr Stewart said affected businesses should also change all passwords and usernames on all computers, choosing strong passwords. 

Surety IT is an Industry Expert member of Queensland Leaders, Victorian Leaders and NSW Leaders, the organisations helping to foster the next generation of leading Australian companies.

ends

Contact Us

 

PO Box 2144
MANSFIELD QLD 4122