Ransomware warning for NZ

There have been some reported infections in New Zealand of the latest version of ransomware that encrypts data on computers and then demands money (Bitcoin) to un-encrypt it.

And there are warnings that more could be hit as people return to work on Monday morning and check their emails.

Don’t click on any email attachments until you are certain they are safe. Ransomware tries to appear as from a trusted source, and has proven that you can fool some of the people all of the time.

RNZ: NZ computers caught up in global cyberattack

Computers in thousands of locations have apparently been locked by a programme, WannaCry, that demands $300 ($NZD430) in Bitcoin.

There have been reports of infections in as many as 100 countries, including several in New Zealand, a live-tracking map of the attack showed.

The government’s cyber emergency response team (CERT) said it was aware of the ransomware and was working on how to advise those affected.

It said the attack will likely take the shape of a phishing email with a malicious attachment or link in it and exploits machines running un-updated versions of Windows XP through to Windows 2008.

Once a single computer in a network is infected with WannaCry, the programme looks for other vulnerable computers on the network and infects them as well.

A spokesperson says people with locked up computers should lodge a report on the team’s [www.cert.govt.nz website].

More at Computerworld: A ransomware attack is spreading worldwide, using alleged NSA exploit

 

10 Comments

  1. Alan Wilkinson

     /  May 15, 2017

    Wrong. This attack has been switched off by registering a check domain. The next one is the risk, not this one.

    • I certainly wouldn’t assume that everything is safe after one domain was set up.

      I also wouldn’t assume that no damage will be done immediately before that domain is accessed, nor that there is nothing else that could re-trigger the ransomware (which must already be on the computer to access the domain).

      • Kitty Catkin

         /  May 15, 2017

        Call me neurotic, but I prefer to assume that there is still a risk and act accordingly.

        • Pickled Possum

           /  May 15, 2017

          Hey Neurotic,
          ‘A risk and act accordingly’
          I am in agreement with you on that one. 😉

          • Alan Wilkinson

             /  May 15, 2017

            Of course there is a risk if you run old unpatched systems and especially if you don’t have a virus checker and click on unknown sourced email attachments.

            All of which it appears the UK NHS appear to do.

          • Kitty Catkin

             /  May 15, 2017

            I see on the news that we are right to be neurotic on this one 😀 When in doubt-chuck it out.

    • Alan Wilkinson

       /  May 15, 2017

      Alarmism. Any competent IT department should have dealt with it over the weekend. And they should have virus checking on their email gateway to stop it coming in in the first place. If there is any further infestation that is grounds for sacking for incompetence.

      http://www.theregister.co.uk/2017/05/13/wannacrypt_ransomware_worm/

      • Kitty Catkin

         /  May 15, 2017

        One would be very silly to act as if what people should do is what they have done-human error must be taken into account. Drivers should be aware that pedestrians sometimes step out into the road, but I am not going to walk out into traffic because drivers SHOULD be aware of this habit of pedestrians..

  1. Ransomware warning for NZ – NZ Conservative Coalition