Computers all across the world in about 150 countries have been hit by a cyber attack called as ransomware in which various files from computers were locked up and held. In addition to this ransom was asked for releasing these files. Various organisations such as companies, corporates, government agencies, hospitals have been victim to this.
Ransomware is a malware that takes over the computer and prevents users from accessing the data present unless a ransom is paid in form of bitcoins. This affects the computer by way of links, attachments or phishing emails. Once the user clicks on a link or opens an attachment the computer or system gets infected. Here is a list of files that are being targeted:
– Commonly used office file extensions (.ppt, .doc, .docx, .xlsx, .sxi)
– Less common and nation-specific office formats (.sxw, .odt, .hwp)
– Archive and media files (.zip, .rar, .tar, .bz2, .mp4, .mkv)
– Emails and email databases (.eml, .msg, .ost, .pst, .edb)
– Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd)
– Developers’ source code and project files (.php, .java, .cpp, .pas, .asm)
– Encryption keys and certificates (.key, .pfx, .pem, .p12, .csr, .gpg, .aes)
– Files used by graphic designers, artists and photographers (.vsd, .odg, .raw, .nef, .svg, .psd)
– Virtual machine files (.vmx, .vmdk, .vdi)
Here are some ways to prevent yourself from this cyber attack.
- Have an updated antivirus system installed in all your devices that can detect unauthorized activities.
- You must always have a backup of all the offline databases that are of your use. Regularly update these as well.
- For organisations who have business requirements of connecting to the Internet through Enterprise Edge or perimeter network devices [UDP 137, 138 and TCP 139, 445] should block their SMB ports or disable SMBv1.
- If you are using systems like Windows XP, Vista, Server 2008, and Server 2003 then you must update to the latest version.
- Block attachments of these file types: exe|pif |tmp |url|vb|vbe|scr|reg| cer|pst|cmd|com|bat|dll|dat|hlp|hta|js|wsf
- Disable macros in Microsoft Office products. There are specific settings available for blocking macros originating in the Internet.
If you get any mail that seems to be bulk sent never open it. It is best to delete these mails and not ever reply to them. These scammers may try to scare the victim by saying that the work is urgent or immediate arrest could happen so as to create a panic. Always contact the concerned authority first before taking any action.
NepaliPage,connects Australian Nepalese Community & Australian Nepalese Business Globally
Disclaimer: NepaliPage.com (नेपालीपेज डटकम) is a Nepalese Community website aggregating Nepalese Australian affairs including Australian Nepali Community News, Migration opportunities in Australia, Nepali International Students, Nepali home and garden, Nepali mortgage and real estate tips, tricks, and services, Travel, Entertainment, Nepalese Events, blogs, interview and many more. None of our stories is tailored expert advice for your circumstance, and cannot be taken as legal, migration, or any other expert advice. By nature, all of our contents provide general information on related topics from the various verified sources. We do not offer direct employment opportunities, Australian VISA help, and Migration assistance.