This information just came in, a few of our clients and friends are hit by what seems like the next round of Ransomware.
BBC has reported – http://www.bbc.com/news/technology-40416611
Reuters has reported – http://uk.reuters.com/article/cyber-attacks-ukraine-rassomware-idUKS8N1GY03M
It seems like this round most of the damage is happening in Ukraine but from our sources, Metro Systems, Airports , Government Systems, in Shipping Maersk Line is hit and major companies seem to have been hit by this attack.
If you happen to be one of those who have been infected by this Ransomware wave or any of the other ransomware variations. Do make sure you do not just leave it as it is. It will not clear by itself and you will probably have to make a few decisions on how you want to carry on.
- Decide if the information that has been locked are system critical
The idea behind encrypting your information, is so that you will have no other means than to pay for the release of your data. For some business owners who do not believe in paying ransom because of various reasons, it might not be that wise IF the data is system critical. You might have to recover the customer data base or the financial data base of yours that you cannot just let go.
- Your company decides to pay up
Once you have decided that your company will be paying the ransom, you could consider calling a ransomware consultant like ours to assist with the negotiation phase. If you only have 1 computer infected, thats a small matter, if 100 computers are infected, the hackers are not going to let it go easily. Watch out for this and let experts assist you in the recovery.
If your company decides not to pay up, there’s nothing much to discuss. Your computer basically is a piece of dead meat.
- Decryption phase
If you are IT trained and understand what to do, you could go ahead and perform decryption. If you are not familiar, please get an expert to assist in this phase. You might end up double locking your computer if its not done right.
- Recover and make decisions on anti ransomware and back ups
Now that you have experienced it once, its better to not get involved with ransomware again! Consult cyber security experts on your options on keeping them at bay through software installations that can help you to detect and prevent their encrypting of your data.
Also make sure you have good back up options that are on or off site so that if all else fails, you do not have to start from zero again.
Group6 Pte Ltd is a SME based cyber security firm in Singapore. If you are keen know more, call us now!
Updates: Its been identified as Petya Ransomware