Dozens of countries were hit in a cyber-extortion attack that targeted hospitals, companies and government agencies as computers across the world were locked up and users’ files held for ransom.
As of yet, there is no information of any company or oganisation getting hit by ransomware in Qatar.
Qatar’s National Computer Emergency Response Team (Q-Cert), under the Ministry of Transport and Communications, in a series of tweets has issued some tips to protect your data against such attack and also what to do if you attacked.
Malware is a general term that refers to software that’s harmful to your computer. Ransomware is a type of malware that essentially takes over a computer and prevents users from accessing data on it until a ransom is paid.
How Ransomware works
The main culprit are phishing emails. In most cases, the software infects computers through links or attachments in malicious messages known as phishing emails.
The malicious software is usually is hidden within links or attachments in emails. Once the user clicks on the link or opens the document, their computer is infected and the software takes over.
The ransomware encrypts data on the computer using an encryption key that only the attacker knows. If the ransom isn’t paid, the data is often lost forever.
How to protect yourself against ransomware?
- Store backups of important data on personal devices.
- Be sure to update your operating system, Web browsers and other programs that you use regularly.
- Update your antivirus software regularly.
- Avoid pressing anonymous links received in your email.
- Do not open any attachment unless you expect to receive this file, the malware could exploit the sender’s email (even from someone you know). So if the attachment is suspicious better check with the person who send the mail before opening.
- Block emails with attachments like compressed files or Microsoft Office files that contain malicious macro files. Don’t trust any MS Office file contains macro files, unless you created it or if you have received it from someone you trust.
What to do if you are hit by ransomware ?
- Most security firms advise against paying ransom as this will fund the hackers and their crimes. The money will help them improve their system and attack you again as they know who will pay. And paying doesn’t guarantee that the data will be returned.
- Disconnect the affected device and any storage device from the network, because in certain cases the damage might spread to other devices on the same network.
- Use antivirus software to get rid of ransomware.
- Return your files from your backups.
- If you don’t have backup of your files then find a way to remove the ransomware. Some researchers in information security companies are trying to create anti-ransomware programs.
Friday’s attack misused vulnerabilities in some versions of Microsoft Windows. For which Microsoft has released software patches for the security holes, but not everyone has installed those updates.
Anyone who applied the patch that Microsoft released likely wasn’t affected by this. So it’s better to install the patch immediately.
Users should also lookout for malicious email messages that are often disguised as emails from companies or people you regularly interact with online. It’s important to avoid clicking on links or opening attachments in those messages, since they could release malware.