Bahayanya ransomware attack, tips untuk elak dari jadi mangsa

Sejak dua menjak ni semua company gelisan dgn ancaman cyber Ransomware Wannacry ni. Semoga semua data kita tak terkena. Mama baca dah 200 negara Yang affected Dan 200,000 yg dah kena attack. Ayoyo Ganas betul!! Genius la siapa yg buat menda alah ni.. tapi kalau buat menda yg mendatangkan kebaikan utk semua Kan lagi bagus.

Kat Malaysia pun dah 2 company yg kena attack Dan so far 3% Malaysia yg affected. So korang semua kenalah beringat ye jgn sesekali buka email spam Dan jgn sesekali buka sebarang attachment yg meragukan. Kalau tak nnti dia Akan kacau data dlm pc/laptop kita. Pastu dia minta ransom USD 300. Kalau tak bayo, jgn haraplah data kita selamat, semuanya Akan Di erase. Tetiba teringat Pula movie "hacker" mmg lebih kurang mcm ni lah diorg buat duit.

Diambil Dari the star, dah 2 company Malaysia yg dah kena. So dah semakin hampir dah ni dgn kita tau.

PETALING JAYA: Two local companies have been hit by the infamous WannaCry ransomware, three days after the malicious software was released, infecting 200,000 computers in 150 countries so far.

According to IT security services company LGMS, the first case in Malaysia involved a director of one of its clients who came across the dreaded ransomware on his personal laptop on Saturday morning.

LGMS founder C.F. Fong said the data in the laptop had to be erased as the person did not intend to pay the US$300 (RM1,300) ransom.

The same ransomware appeared in the machine of an automotive shop on Sunday morning.

“The company didn’t have any backup and might pay (the ransom),” said Fong.

Besides disconnecting compu­ters from the network, there was not much else they could do, he noted.

As of 3pm yesterday, a website tracking incidences of WannaCry infections started showing blips in the Klang Valley area.

The website displays a blip whenever an infected computer pings its tracking servers, thus allowing it to map out a geographical distribution of the WannaCry infection.

Fong added that any machine infected by WannaCry should not be connected to a public or cor­­porate network.

“Once you plug into any network, it will start spreading,” he pointed out.

Fong said none of LGMS’ clients, which include major banks in Malaysia, had reported any pro­blems so far, adding that he was quite confident that those who re­gularly updated their computers would not face any problems with WannaCry.

He said ransomware was not new but WannaCry had caused worldwide alarm because of how fast it was spreading.

“We have seen worse and devastating ransomware attacks before but WannaCry’s infection rate is one of the fastest ever as it exploits the vulnerability that exists in Windows,” Fong said.

Security companies all over the world are reporting an unprecedented wave of WannaCry ransomware infections since Friday when more than 150 countries were hit by it.

The ransomware encrypts the data on an infected computer, preventing users from accessing it.

According to a report in The Guardian, the ransomware uses a vulnerability first revealed as part of a leaked stash of NSA-related documents, which infects machines running Windows and encrypts their contents before demanding a ransom to decrypt these files.

The perpetrators promise to release the data once a ransom of US$300 (RM1,300) is paid.

In just two days, computer networks of Britain’s National Health Service, Russia’s interior ministry and international shipper FedEx, among others, were affected.

The website tracking incidences of WannaCry infections was created by a 22-year-old British re­sear­cher known only as MalwareTech, who was credited with being an “accidental hero” after discovering a “kill switch” that halted WannaCry’s outbreak.

Read more at http://www.thestar.com.my/news/nation/2017/05/16/wannacry-strikes-two-msian-companies-expert-first-organisation-infected-last-saturday/#UlCGX7vomFPYdulK.99

Ok.. Cara untuk mengelakkan kita Dari terjebak dgn virus ini seperti berikut;

*Introduction*

National Cyber Coordination  & Command Centre is monitoring developments in highlight of the massive global ransomware attacks affecting more than 100 countries since yesterday. The malware responsible for this attack is a ransomware variant known as 'WannaCry'.

*System Affected*

All computer systems using Windows Operating Systems.

*Recommendation*

Agencies are strongly advised to take the following precautionary steps:

Block the following incoming IP addresses:

a. 205.186.153.200

b. 96.127.190.2

c. 184.154.48.172

d. 200.58.103.166

e. 216.145.112.183

Block the following email addressalertatnb@serviciobancomer.com at your email filtering systemBlock connections to the following websites:

1. www.rentasyventas.com/incluir/rk/imagenes.html?retencion=081525418

2. http://www.ren tasyventas.com/incluir/rk/imagenes.html?retencion=081525418

3. https://graficagibin.com.br/loja/q.hta

Patch your Windows Operating System with MS17-010 Microsoft Security bulletin;Patch your computers with the latest windows security updates;Back up your important files and data to an external drives;Update and run your computer with antivirus that has the latest anti-malware signaturesBlock SMB ports (139, 445) from all externally accessible hosts.Do not click on any links or attachments received from unsolicited emailsDo not pay the ransom to the perpetratorsEnsure your organization is running an actively supported operating system that receives security updates.Have effective patch management that deploys security updates to endpoints and other critical parts of your infrastructure in a timely manner.Implement a disaster recovery plan that includes backing up and restoring data from devices that are kept offline. Adversaries frequently target backup mechanisms to limit the possibilities a user may be able to restore their files without paying the ransom.For CNII agency please report to NC4 for any incident related to this attack.

Terima Kasih

PASUKAN TINDAKBALAS KECEMASAN KOMPITER KERAJAAN (GCERT)

MAMPU CYBERJAYA

P/s: mama masih tak mampu nk upload gambar. Ada masalah katanya format not supported. Huhuu kuciwa.