Tuesday, 5 September 2017

Awareness about a new Ransomware threat

Awareness about a new Ransomware threat

The following advisory is being distributed to raise awareness about a new Ransomware threat.

On September 02, 2017, a new wave of Ransomware attack was reported by CERT India. This Ransomware belongs to the Locky family and is commonly spread through spam & phishing emails. Please do not open emails with subjects like “please print”, “documents”, “photo”, “images”, “scans” and “pictures”. However, the subject texts may change in targeted spear phishing campaigns. Senders of these e-mails often use obscure mail subject lines with malicious attachments that prompts the recipient to open them.

This Ransomware encrypts files on victims’ PCs and adds a .locky file extension. The attackers then demand ransom to unlock the files. Though we have the requisite security measures to combat this threat. We need to be vigilant and run through the following checks Before replying to an e-mail, clicking on a link or opening an attachment. 

Take time to read the e-mail: Despite noticing a sense of urgency expressed in the subject line, try to recollect if you had received any previous e-mails on this subject.
Check sender id before replying: Confirm the sender e-mail id and domain before replying to an e-mail.

Note suspicious attachments or links: Be wary of suspicious attachments that you aren’t expecting or URLs in the e-mail.

Request all user's to check for Symantec AV update before connecting to LAN. It should be with date Greater than or equal to 1st Sept 2017 R5. If not then immediately update definition.

Kindly check whether Symantec Antivirus (SEP) client is install on all machines or not. If SEP client installed, then check whether definition is up-to-date or not. If it is not up-to-date then kindly download definition from below link and manually update definition. Post definition update, kindly run Full Scan to secure machine from virus/malware. 

If SEP client is not install, then kindly download SEP client setup from below link and install on machines also run Full Scan to secure machine from Virus/Malware. 

For Laptop, 

For Desktop, 

Make sure Windows Patches on machine is up-to-date. 

Thanks & Regards
Nilesh Patkar
Information Technology Analyst


Post a Comment