Wannacry 2.0 Ransom and MalWare Warning

Dear valued clients,

As you may be aware, there has been a worldwide epidemic in hacking for ransom or ransomware which has featured prominently in the news.

Wannacry 2.0 is NOT A VIRUS, but a malware (MALicious softWARE), otherwise known as RansomWare or a type of Cryptolocker, which encrypts your data. Then prompts you to contact the offender to pay a ransom to unlock or decrypt your files.

Antivirus software MAY NOT stop it as it is executed “accidentally” by users, usually by opening emails or attachments to emails.

Even if you receive an email that appears legitimate or from a friend, it could be infected, as the person who is sending you the email may have an infection on their PC.

The best practice, if you receive an email with an attachment, is to contact the person sending the email to confirm it’s legitimacy by phone.

Very often, the malware masquerades as
An invoice
A statement
A fine or infringement
An official letter
A letter from the ATO
… or something important that you are enticed, encouraged or would want to open.

This is how it bypasses your anti-virus, as anything intentionally opened by you, the user, is assumed to be safe or allowed – akin to when you click “Next” or “OK” when installing software, the anti virus will allow you to install because you clicked on it to install.

Unlike a virus infection, once files are encrypted, they CANNOT be cleaned. 

There is usually little chance of undoing it without paying the ransom to get a decryption key.

The best remedy for this is to restore from a backup, so please ensure you have backups in place for your pc, laptop, data or system. 

IMPORTANT – You must ensure that the backup is not attached to your system, as any attached drive, USB, network, data drives etc. can also be encrypted rendering them useless.

If you are unfortunate enough to get infected or suspect an infection, take these steps immediately 

  1. Unplug your system from the network or disconnect it from your wireless – the malware spreads by traversing networks and using an exploit in your operating system.
  2. Power off your PCs and laptops – powering off will put a stop to the encryption process, it can’t encrypt if it isn’t turned on.
  3. Contact your IT team to help – the sooner they know, the better your chances of recovering any unencrypted files. 

If you are not certain on the process or procedure of safeguarding yourself, please contact us on 6424 8385 or 0433 424 737.