Pusat Kawalan dan Penyelarasan Siber Negara (National Cyber Coordination and Command Centre (NC4)), Majlis Keselamatan Negara (MKN) telah mengesan serangan siber Ransomware (perisian komputer merbahaya) baharu. Ransomware ini merupakan sejenis perisian merbahaya yang menyekat akses kepada data di dalam komputer yang dijangkitinya (menggunakan kaedah encryption) dan menuntut wang tebusan sebagai syarat untuk membenarkan akses semula kepada data tersebut.
MKN telah mengeluarkan satu amaran awal (alert) yang mengandungi langkah-langkah pencegahan yang perlu dilaksanakan bagi melindungi sistem masing-masing daripada serangan ini seperti berikut:
|
Here is a list of new Alert and Advisory released in the NC4 Portal:
Title: New Variant of SamSam Ransomware Discovered
Introduction
National Cyber Coordination and Command Centre (NC4), National Cyber Security Agency (NACSA) has recently discovered a new variant of the SamSam ransomware.
Impact
Information loss, service disruption and monetary loss.
Brief Description
Recently, NC4 has received a report on ransomware attack and conducted an investigation to assist affected agency in recovering from the incident. During the investigation, we have managed to acquire a sample of the said ransomware.
Based on our initial analysis of the ransomware, we have discovered that the ransomware has the same characteristic of SamSam ransomware that hit the world back in 2016 but with a new unknown variant that manage to bypass antivirus protection. The original Samsam ransomware has the capability to steal password in memory using the password-attacking tool called, mimikatz. Analysis are still being carried out and therefore, technical analysis and details will be published later once analysis are completed.
Therefore, in the wake of this event, organisations are urged to take the necessary actions to protect their ICT infrastructure and to make sure all backups are properly secured and isolated. Organisations are reminded to always be vigilant in order to avoid from becoming a victim of these incidents.
Affected Products
All Microsoft Windows Operating Systems
Recommendation
Organisations are required to take the following actions:
References
How to defend yourself against SamSam ransomware
Top 4 Strategies to Mitigate Targeted Cyber Intrusions - Mandatory Requirement Explained
Thank you. National Cyber Coordination & Command Centre (NC4) |
COMPUTER EMERGENCY RESPONSE TEAM KEMENTERIAN PENDIDIKAN MALAYSIA (CERTKPM)
|
No comments:
Post a Comment