النسخة العربية

Oman National CERT Towards a safe cyber environment

6th Regional Cyber Security Summit

6th Regional Cyber Security Summit

Date : 20th to 21st November 2017 ... Location : Sheraton Oman Hotel, Muscat

View
4th Oman National Cyber Drill

4th Oman National Cyber Drill

Date :23rd – 25th , October, 2017 ... Location : Grand Hormuz Hotel, Muscat

View
OIC-CERT Annual Conference 2017

OIC-CERT Annual Conference 2017

Date : 6 – 9 November 2017 ... Location : Baku, Azerbaijan

View
WannaCry Ransomware

WannaCry Ransomware

A major ransomware attack campaign hit computer systems and the attack appears to have affected a hundreds of private companies and public of organizations in several countries

View
Awareness lecture in Abdullah bin Sallam School

Awareness lecture in Abdullah bin Sallam School

Oman National CERT is organizing an awareness lecture on the topic of Blackmailing in Abdullah bin Sallam School in Al Amral – Muscat

View

Share it

Online Incidents Report
Request OCERT Services
Information Security Glossary

Latest Threats & Alerts

WannaCry Ransomware

Published Date:

5/12/2017


Severity:

High


Impact:

A major ransomware attack campaign hit computer systems and the attack appears to have affected a hundreds of private companies and public of organizations in several countries.
This ransomware encrypts the files with strong encryption algorithms which are hard to be decrypted. In order To decrypt and regain access to the files being encrypted, ransomware demands payment from you in the form of a Bitcoin ransom and give instructions on how to buy it, and provides a Bitcoin address to send it to in order to remove the infection from their PCs; otherwise, their files remain locked.


Affected Operating System & Version:

-Microsoft windows XP

-Microsoft windows vista

-Microsoft windows 7

-Microsoft windows 10


Solution(s):

Currently, there is no WannaCry decryption tool or any other solution available, so users are strongly advised to follow prevention measures in order to protect themselves:

• Upon detection of infections of this ransomware, It is recommended to isolate the infected machine from the network where possible to prevent the malware from spreading.
• Maintain up-to-date anti-virus software, and emphasize the awareness among the employees on the importance of using antivirus to scan attachments and files before download or execution .
• Make sure email protection software is exists and activated .
• Keep your operating system and software up-to-date with latest patches.
• Do not follow unsolicited web links in email.
• Use caution when opening email attachments.
• Conduct email security awareness among your employees to avoid being infected by similar malicious emails.
• Conduct routine backups of important files, keeping the backups stored offline.
• Microsoft released a patch for the vulnerability in March (MS17-010), but many users and organizations who did not patch their systems are open to attacks.https://technet.microsoft.com/en-us/library/security/ms17-010.aspx


• You can refer to Oman CERT article on Email security http://www.cert.gov.om/library_articles_details_arabic.aspx?article=1


Reference(s):

1-https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

2-https://www.microsoft.com/en-us/security/portal/threat/threats.aspx

3-https://twitter.com/OmanCERT