We warn against ransomware attacks
Given the current situation in the spread of ramsomware infection in the Czech Republic (warning was also issued by the National Cyber and Information Security Agency), we would like to recommend you to pay maximum attention to the compliance with the security policy throughout your organization. If your organization is attacked, the consequences may be fatal, both from the point of view of the organization's operation and from the financial point of view.
The attackers take advantage of the current emergency situation, where the employees of the organizations work in most cases online from home. The attack can be prepared and manifested even within months, so please carry out ongoing inspections, which can help prevent damage through early detection. Also inform your users and repeat the principles of secure behavior within IT security, especially warn them to be careful when opening e-mails from unknown recipients. Prevention is important.
Since Monday 6 April, KPCS CZ has been dealing with 4 cases of infection in the organizations that have contacted us, and we are currently conducting investigation there.
In case of need, contact us, we will be happy to help you, because the prevention of cyber attacks is certainly a much better option than solving the subsequent problems after the attack. Based on the experience of KPCS CZ security experts, the following are currently the likely attack vectors:
- Intrusions into the environment through outdated versions of operating systems that are published on the Internet, regardless of whether they are published on default or other ports
- Weak passwords of users and administrators, which are often attacked through published applications and services, such as terminal servers, mail servers or even cloud services
- Phishing with links to download fraudulent attachments, often payment orders or information related to the COVID-19 infection
Measures recommended by the National Cyber and Information Security Agency can be found at: https://www.govcert.cz/cs/informacni-servis/hrozby/2747-upozorneni-na-hrozbu-ransomware-utoku/